Re: Dell to Add Security Chip to PCs

2005-02-07 Thread Eugen Leitl
On Sat, Feb 05, 2005 at 01:19:46AM +, Justin wrote: If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved? I don't think so, I think the flag is in the bitstream and doesn't affect visual output at all. You

Re: Dell to Add Security Chip to PCs

2005-02-07 Thread Dave Emery
On Sat, Feb 05, 2005 at 11:23:14AM +0100, Eugen Leitl wrote: The point is that HDTV is a popular consumer technology, and the MPAA and TV networks alone managed to hijack it. I have yet to see a single HDTV movie/broadcast, and I understand most TV sets can't display anything beyond

Re: Dell to Add Security Chip to PCs

2005-02-07 Thread Eugen Leitl
On Fri, Feb 04, 2005 at 08:21:47PM +, Justin wrote: They managed with the HTDV broadcast flag mandate. If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved? Watermarks will, but that's the next mass genocide by

Re: Dell to Add Security Chip to PCs

2005-02-07 Thread Justin
On 2005-02-03T22:25:28+0100, Anonymous wrote: The only people endangered by this capability are those who want to be able to lie. They want to agree to contracts and user agreements that, for example, require them to observe DRM restrictions and copyright laws, but then they want the power to

Re: Dell to Add Security Chip to PCs

2005-02-07 Thread Shawn K. Quinn
On Fri, 2005-02-04 at 19:07 -0800, James A. Donald wrote: The ability to convincingly tell the truth is a very handy one between people who are roughly equal. It is a potentially disastrous one if one party can do violence with impunity to the one with the ability to convincingly tell the

Re: Dell to Add Security Chip to PCs

2005-02-07 Thread Justin
On 2005-02-04T23:28:56+0100, Eugen Leitl wrote: On Fri, Feb 04, 2005 at 08:21:47PM +, Justin wrote: They managed with the HTDV broadcast flag mandate. If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved?

Re: Dell to Add Security Chip to PCs

2005-02-07 Thread Anonymous
As far as the question of malware exploiting TC, it's difficult to evaulate without knowing more details about how the technology ends up being used. First there was TCPA, which is now called TCG. Microsoft spun off their own version called Palladium, then NGSCB. But then Microsoft withdrew

Re: Dell to Add Security Chip to PCs

2005-02-07 Thread Anonymous
Eric Murray writes: The TCPA chip verifies the (signature on the) BIOS and the OS. So the software driver is the one that's trusted by the TCPA chip. I don't believe this is correct. The TPM does not verify any signatures. It is fundamentally a passive chip. Its only job is to store hashes of

Re: Dell to Add Security Chip to PCs

2005-02-07 Thread James A. Donald
-- On 3 Feb 2005 at 22:25, Anonymous wrote: Now, my personal perspective on this is that this is no real threat. It allows people who choose to use the capability to issue reasonably credible and convincing statements about their software configuration. Basically it allows people to tell

Re: Dell to Add Security Chip to PCs

2005-02-04 Thread Joseph Ashwood
- Original Message - From: Shawn K. Quinn [EMAIL PROTECTED] Subject: Re: Dell to Add Security Chip to PCs Isn't it possible to emulate the TCPA chip in software, using one's own RSA key, and thus signing whatever you damn well please with it instead of whatever the chip wants to sign

Re: Dell to Add Security Chip to PCs

2005-02-04 Thread Ian G
Ed Reed wrote: I'm just curious on this point. I haven't seen much to indicate that Microsoft and others are ready for a nymous, tradeable software assets world. No, and neither are corporate customers, to a large extent. Right, so my point (I think) was that without some indication that

Re: Dell to Add Security Chip to PCs

2005-02-04 Thread Justin
On 2005-02-04T14:30:48-0500, Mark Allen Earnest wrote: The government was not able to get the Clipper chip passed and that was backed with the horror stories of rampant pedophilia, terrorism, and organized crime. Do you honestly believe they will be able to destroy open source, linux,

Re: Dell to Add Security Chip to PCs

2005-02-04 Thread Anne Lynn Wheeler
Peter Gutmann wrote: Neither. Currently they've typically been smart-card cores glued to the MB and accessed via I2C/SMB. and chips that typically have had eal4+ or eal5+ evaluations. hot topic in 2000, 2001 ... at the intel developer's forums and rsa conferences

Re: Dell to Add Security Chip to PCs

2005-02-04 Thread Anne Lynn Wheeler
Erwann ABALEA wrote: I've read your objections. Maybe I wasn't clear. What's wrong in installing a cryptographic device by default on PC motherboards? I work for a PKI 'vendor', and for me, software private keys is a nonsense. How will you convice Mr Smith (or Mme Michu) to buy an expensive CC

Re: Dell to Add Security Chip to PCs

2005-02-04 Thread Dan Kaminsky
The best that can happen with TCPA is pretty good - it could stop a lot of viruses and malware, for one thing. No, it can't. That's the point; it's not like the code running inside the sandbox becomes magically exploitproof...it just becomes totally opaque to any external auditor. A black

Re: Dell to Add Security Chip to PCs

2005-02-04 Thread Steven M. Bellovin
In message [EMAIL PROTECTED], Dan Kaminsky writes: Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. How? TCPA is only a

Re: Dell to Add Security Chip to PCs

2005-02-03 Thread Ian G
Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your

Re: Dell to Add Security Chip to PCs

2005-02-03 Thread Eugen Leitl
On Wed, Feb 02, 2005 at 05:30:33PM +0100, Erwann ABALEA wrote: Please stop relaying FUD. You have full control over your PC, even if this Please stop relaying pro-DRM pabulum. The only reason for Nagscab is restricting the user's rights to his own files. Of course there are other reasons for

RE: Dell to Add Security Chip to PCs

2005-02-03 Thread Trei, Peter
Erwann ABALEA On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your

Re: Dell to Add Security Chip to PCs

2005-02-03 Thread Dan Kaminsky
Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. Since these components are going to be managing cryptographic operations, the

RE: Dell to Add Security Chip to PCs

2005-02-03 Thread Peter Gutmann
Tyler Durden [EMAIL PROTECTED] writes: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) Or could it be an FPGA? Neither. Currently they've typically been

RE: Dell to Add Security Chip to PCs

2005-02-03 Thread Jay Sulzberger
On Wed, 2 Feb 2005, Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full

Re: Dell to Add Security Chip to PCs

2005-02-03 Thread Erwann ABALEA
On Wed, 2 Feb 2005, Dan Kaminsky wrote: Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. How? TCPA is only a cryptographic

RE: Dell to Add Security Chip to PCs

2005-02-03 Thread Erwann ABALEA
On Thu, 3 Feb 2005, Jay Sulzberger wrote: On Wed, 2 Feb 2005, Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full

RE: Dell to Add Security Chip to PCs

2005-02-02 Thread Steve Thompson
--- Trei, Peter [EMAIL PROTECTED] wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Well we all know that having complete control over one's own computer is far

Re: Dell to Add Security Chip to PCs

2005-02-02 Thread Eugen Leitl
On Wed, Feb 02, 2005 at 12:45:58PM -0500, Steve Thompson wrote: Well we all know that having complete control over one's own computer is far too dangerous. Obviously, it would be best if computers, operating systems, and application software had proprietary back-doors that would enable the

RE: Dell to Add Security Chip to PCs

2005-02-02 Thread Trei, Peter
Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Peter Trei Tyler Durden ANyone familiar with computer architectures and chips able to answer this question: That

RE: Dell to Add Security Chip to PCs

2005-02-02 Thread Erwann ABALEA
On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is

RE: Dell to Add Security Chip to PCs

2005-02-01 Thread Tyler Durden
ANyone familiar with computer architectures and chips able to answer this question: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) Or could it be an FPGA? -TD