On Mon, 12 Aug 2002, AARG! Anonymous wrote:
Ideally you'd like your agent to truly be autonomous, with its own data,
its own code, all protected from the host and other agents. It could even
carry a store of electronic cash which it could use to fund its activities
on the host machine. It
I need to correct myself.
- Original Message -
From: Joseph Ashwood [EMAIL PROTECTED]
Suspiciously absent though is the requirement for symmetric encryption
(page
4 is easiest to see this). This presents a potential security issue, and
certainly a barrier to its use for
One of the many charges which has been tossed at TCPA is that it will
harm free software. Here is what Ross Anderson writes in the TCPA FAQ
at http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html (question 18):
TCPA will undermine the General Public License (GPL), under which
many free and open
I thought of another interesting application for trusted computing
systems: mobile agents. These are pieces of software which get
transferred from computer to computer, running on each system,
communicating with the local system and other visiting agents,
before migrating elsewhere.
This was a
- Original Message -
From: Mike Rosing [EMAIL PROTECTED]
Are you now admitting TCPA is broken?
I freely admit that I haven't made it completely through the TCPA
specification. However it seems to be, at least in effect although not
exactly, a motherboard bound smartcard.
Because it is
--
On 13 Aug 2002 at 0:05, AARG! Anonymous wrote:
The point is that while this is a form of signed code, it's not
something which gives the TPM control over what OS can boot.
Instead, the VCs are used to report to third party challengers
(on remote systems) what the system
On Tue, 13 Aug 2002, James A. Donald wrote:
To me DRM seems possible to the extent that computers themselves
are rendered tamper resistant -- that is to say rendered set top
boxes not computers, to the extent that unauthorized personnel are
prohibited from accessing general purpose
--
On 12 Aug 2002 at 16:32, Tim Dierks wrote:
I'm sure that the whole system is secure in theory, but I
believe that it cannot be securely implemented in practice and
that the implied constraints on use usability will be
unpalatable to consumers and vendors.
Or to say the same thing
Brian LaMacchia writes:
So the complexity isn't in how the keys get initialized on the SCP (hey, it
could be some crazy little hobbit named Mel who runs around to every machine
and puts them in with a magic wand). The complexity is in the keying
infrastructure and the set of signed
At 07:30 PM 8/12/2002 +0100, Adam Back wrote:
(Tim Dierks: read the earlier posts about ring -1 to find the answer
to your question about feasibility in the case of Palladium; in the
case of TCPA your conclusions are right I think).
The addition of an additional security ring with a secured,
James A. Donald [EMAIL PROTECTED] wrote :
--
On 13 Aug 2002 at 0:05, AARG! Anonymous wrote:
The point is that while this is a form of signed code, it's not
something which gives the TPM control over what OS can boot.
Instead, the VCs are used to report to third party challengers
(on
At 09:07 PM 8/12/2002 +0100, Adam Back wrote:
At some level there has to be a trade-off between what you put in
trusted agent space and what becomes application code. If you put the
whole application in trusted agent space, while then all it's
application logic is fully protected, the danger
actually it is possible to build chips that generate keys as part of
manufactoring power-on/test (while still in the wafer, and the private key
never, ever exists outside of the chip) ... and be at effectively the same
trust level as any other part of the chip (i.e. hard instruction ROM).
using
Interesting. Unless some clever at jobs were involved, this was likely not
written by Ian or Ben. I can vouch that Ian was not near a computer at the
time the second message (with the complete signature) was posted, and Ben
was somewhere over the Atlantic in an airplane, unlikely to be reading
At 07:25 PM 8/13/2002 +0100, Peter Fairbrother wrote:
The above email got bounced, does anyone know why? Neither my (62.3.121.225)
nor the .zen.co.uk IP's are blacklisted anywhere I can find. 208.249.200.24
is on one list (xbl.selwerd.cx), but that isn't (?) the sender.
parmenides.zen.co.uk was
Figured this might be of interest to folks here...
- Forwarded message from [EMAIL PROTECTED] -
Date: Mon, 12 Aug 2002 11:45:26 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG
In the most recent _Science_ some biologists gripe that the scientists
who synthesized infectious
poliovirus from its description were not doing anything novel, just a
prank. Any biologist
would have known that, since you could concatenate nucleotide strings,
and since polio needs nothing
Gary Jeffers
Sent: Tuesday, August 13, 2002 3:07 PM
To: [EMAIL PROTECTED]
Subject: A faster way to factor prime numbers found?
A faster way to factor prime numbers found?
AFICT, the proposed algorithm is for a test for primality and does not
represent an algorithm to factor composites.
On Tue, 13 Aug 2002, Lucky Green wrote:
Gary Jeffers
Sent: Tuesday, August 13, 2002 3:07 PM
To: [EMAIL PROTECTED]
Subject: A faster way to factor prime numbers found?
A faster way to factor prime numbers found?
AFICT, the proposed algorithm is for a test for primality and does not
19 matches
Mail list logo