> Software-based attacks are redistributable. Once I write a program
> that hacks a computer, I can give that program to anyone to use. I
> can even give it to everyone, and then anyone could use it. The
> expertise necessary can be abstracted away into a program even my
> mother could use.
>
>
At 4:52 PM +0100 10/22/02, Adam Back wrote:
Remote attestation does indeed require Palladium to be secure against
the local user.
However my point is while they seem to have done a good job of
providing software security for the remote attestation function, it
seems at this point that hardware s
On Tue, 22 Oct 2002, Rick Wash wrote:
> Hardware-based attacks cannot be redistributed. If I figure out how
> to hack my system, I can post instructions on the web but it still
> requires techinical competence on your end if you want to hack your
> system too.
>
> While this doesn't help a whole
On Tue, Oct 22, 2002 at 04:52:16PM +0100, Adam Back wrote:
> So they disclaim in the talk announce that Palladium is not intended
> to be secure against hardware attacks:
>
> | "Palladium" is not designed to provide defenses against
> | hardware-based attacks that originate from someone in control
On Tue, 22 Oct 2002, Nelson Minar wrote:
> I doubt it, though. Even a paper-thin shred of hardware protection is
> enough to prevent 99% of the people from circumventing DRM technology.
> Joe Sixpack isn't going to install a mod chip, and his local computer
> store can't do it for him for fear of
Adam Back says:
>Providing almost no hardware defenses while going to extra-ordinary
>efforts to provide top notch software defenses doesn't make sense if
>the machine owner is a threat.
So maybe the Palladium folks really mean it when they say the purpose
of Palladium is not to enable DRM?
I dou
Remote attestation does indeed require Palladium to be secure against
the local user.
However my point is while they seem to have done a good job of
providing software security for the remote attestation function, it
seems at this point that hardware security is laughable.
So they disclaim in t
At 10:52 PM +0100 10/21/02, Adam Back wrote:
On Sun, Oct 20, 2002 at 10:38:35PM -0400, Arnold G. Reinhold wrote:
There may be a hole somewhere, but Microsoft is trying hard to get
it right and Brian seemed quite competent.
It doesn't sound breakable in pure software for the user, so this
forces
On Sun, Oct 20, 2002 at 10:38:35PM -0400, Arnold G. Reinhold wrote:
> There may be a hole somewhere, but Microsoft is trying hard to get
> it right and Brian seemed quite competent.
It doesn't sound breakable in pure software for the user, so this
forces the user to use some hardware hacking.
The
At 7:15 PM +0100 10/17/02, Adam Back wrote:
Would someone at MIT / in Boston area like to go to this [see end] and send a
report to the list?
I went. It was a good talk. The room was jam packed. Brian is very
forthright and sincere. After he finished speaking, Richard Stallman
gave an uninvite
Would someone at MIT / in Boston area like to go to this and send a
report to the list? Might help clear up some of the currently
unexplained aspects about Palladium, such as:
- why they think it couldn't be used to protect software copyright (as
the subject of Lucky's patent)
- are there plans
11 matches
Mail list logo