On Friday, April 7, 2017 at 11:15:46 AM UTC-4, cooloutac wrote:
> On Tuesday, April 4, 2017 at 6:20:35 PM UTC-4, tai...@gmx.com wrote:
> > On 04/04/2017 10:19 AM, cooloutac wrote:
> >
> > >
> > > The hacking teams insyde bios exploit could only have been stopped with
> > > secure boot.
> > >
> >
On Tuesday, April 4, 2017 at 6:20:35 PM UTC-4, tai...@gmx.com wrote:
> On 04/04/2017 10:19 AM, cooloutac wrote:
>
> >
> > The hacking teams insyde bios exploit could only have been stopped with
> > secure boot.
> >
> Uhh no that isn't true, and again you're using microsoft's marketing
> name for
On Tuesday, April 4, 2017 at 6:20:35 PM UTC-4, tai...@gmx.com wrote:
> On 04/04/2017 10:19 AM, cooloutac wrote:
>
> >
> > The hacking teams insyde bios exploit could only have been stopped with
> > secure boot.
> >
> Uhh no that isn't true, and again you're using microsoft's marketing
> name for
On Tue, Apr 4, 2017 at 6:21 PM, taii...@gmx.com wrote:
> On 04/04/2017 12:36 PM, Steve Coleman wrote:
>
>> On 04/04/2017 10:29 AM, taii...@gmx.com wrote:
>>
>>> Opal is proprietary garbage,
>>
>>
>> Actually its an open standard, not controlled by any government or
>> corporation. One link I provi
On 04/04/2017 12:36 PM, Steve Coleman wrote:
On 04/04/2017 10:29 AM, taii...@gmx.com wrote:
Opal is proprietary garbage,
Actually its an open standard, not controlled by any government or
corporation. One link I provided was to the standard which gets down
to the data structure byte memory
On 04/04/2017 10:19 AM, cooloutac wrote:
The hacking teams insyde bios exploit could only have been stopped with secure
boot.
Uhh no that isn't true, and again you're using microsoft's marketing
name for something that is a generic technology (signing of kernel and
important files) implemen
On Tuesday, April 4, 2017 at 10:29:55 AM UTC-4, tai...@gmx.com wrote:
> Opal is proprietary garbage, and proprietary crypto schemes are almost
> always terrible. (there is also no real way to check that it is actually
> working and still working).
>
> TXT is intel marketing, it isn't anything sp
On 04/04/2017 02:27 AM, Vít Šesták wrote:
That sounds interesting. Well, I don't think Opal provides a better protection,
but it comes with a potentially lower price.
I'll try to compare level of protection, correct me if I am wrong:
Ok, ;)
Persistent malware installed from a running system
On 04/04/2017 10:29 AM, taii...@gmx.com wrote:
Opal is proprietary garbage,
Actually its an open standard, not controlled by any government or
corporation. One link I provided was to the standard which gets down to
the data structure byte memory layout and data interchange requirements.
a
Opal is proprietary garbage, and proprietary crypto schemes are almost
always terrible. (there is also no real way to check that it is actually
working and still working).
TXT is intel marketing, it isn't anything special just DRTM vs regular
TPM SRTM that makes it so something can change slig
The hacking teams insyde bios exploit could only have been stopped with secure
boot.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@go
On Saturday, April 1, 2017 at 5:45:49 AM UTC-4, tai...@gmx.com wrote:
> On 03/31/2017 10:45 PM, cooloutac wrote:
> > On Friday, March 31, 2017 at 4:20:09 PM UTC-4, Vít Šesták wrote:
> >> Thanks for your responses. p
> >>
> >> In this thread, I'd like to discuss how much can it help (i.e., how hard
That sounds interesting. Well, I don't think Opal provides a better protection,
but it comes with a potentially lower price. I'll try to compare level of
protection, correct me if I am wrong:
Persistent malware installed from a running system: Both are rather clueless
unless you decide to lock
On 04/01/2017 07:31 AM, Vít Šesták wrote:
The problem is:
1. The AEM is not perfect. Various vulnerabilities have been published and I am
unsure what level of real protection (i.e., not just obscurity) can it provide.
2. AEM is not for free. When filtering only laptops with TXT+TPM, you have
I agree that secure boot is not a good protection against malware. Even if we
consider just dom0 protection, without considering AppVMs:
With systems allowing a limited level of customization (e.g., ChromeOS or
Android), this might provide a limited level of protection. It can guarantee
that yo
On 03/31/2017 10:45 PM, cooloutac wrote:
On Friday, March 31, 2017 at 4:20:09 PM UTC-4, Vít Šesták wrote:
Thanks for your responses. p
In this thread, I'd like to discuss how much can it help (i.e., how hard is it
to bypass).
On self-encrypting devices: I generally don't trust those impleme
On Friday, March 31, 2017 at 10:45:28 PM UTC-4, cooloutac wrote:
> On Friday, March 31, 2017 at 4:20:09 PM UTC-4, Vít Šesták wrote:
> > Thanks for your responses. p
> >
> > In this thread, I'd like to discuss how much can it help (i.e., how hard is
> > it to bypass).
> >
> > On self-encrypting d
On Friday, March 31, 2017 at 4:20:09 PM UTC-4, Vít Šesták wrote:
> Thanks for your responses. p
>
> In this thread, I'd like to discuss how much can it help (i.e., how hard is
> it to bypass).
>
> On self-encrypting devices: I generally don't trust those implementations to
> be well-reviewed an
Thanks for your responses. p
In this thread, I'd like to discuss how much can it help (i.e., how hard is it
to bypass).
On self-encrypting devices: I generally don't trust those implementations to be
well-reviewed and well-designed, so SED is not a use case for me.
Regards,
Vít Šesták 'v6ak'
Without a TPM you will be limited as to what you can do with any TCG
Opal compliant self encrypting drives (SED), and for a laptop this is a
very interesting feature to loose. Most all SSD's I know are Opal
compliant and many laptop spinning drives are as well. Take a look at
the rpm package se
On Tue, Mar 28, 2017 at 2:40 AM, Vít Šesták
wrote:
> AFAIU, TPM is useful mostly for AEM. But AEM requires Intel TXT (which is
> missing even on some high-end CPUs). But TXT has various vulnerabilities. How
> much real protection can it offer? Is it worth the hassle (finding a laptop
> with bot
AFAIU, TPM is useful mostly for AEM. But AEM requires Intel TXT (which is
missing even on some high-end CPUs). But TXT has various vulnerabilities. How
much real protection can it offer? Is it worth the hassle (finding a laptop
with both TPM and TXT and installing and using AEM)?
To be honest,
22 matches
Mail list logo