On Mon May 01, 2006 at 22:46:12 +0930, Glen Turner wrote:
>Benno wrote:
>
>>BitLocker is software. It uses the TPM hardware to verify the boot 
>>process. (I'm trying to get more information on that.)
>
>Hi Benno,
>
>Verifying the boot process is exactly the problem.
>
>Let's buy a machine, say it comes with Windows installed and
>the "bitlocked" feature on.

But Bitlocker is a piece of software you have to first install and
then turn on, not something that comes installed and enabled on the
machine when you buy it. And if for some reason it did, you could
simply reinstall from scratch and then turn it on after installing.

>Now let's install Linux, this installs a bootloader.  Let's
>say the linux bootloader detects Windows and chain loads the
>Windows bootloader.
>
>Now the boot process into Windows was
> - BIOS
> - windows boot loader
> - windows
>and is now
> - BIOS
> - linux boot loader
> - windows boot loader
> - windows
>
>So if TPM works at all then Windows will spit the dummy and
>declare that the boot process has been compromised.
>
>You can also make a similar argument about the partition table:
>decreasing the size of the Windows volume should lead to the TPM
>informing Windows that it has been compromised.  This unfortunately
>does away with the simple hack of allowing dual booting by restoring
>the Windows' boot loader when wanting to run Windows.
>
>The only way out is for some mechanism for Windows to be reauthorised
>to the TPM after Linux has been installed.  I don't know enough
>about the TPM hardware API to know if Windows has to participate
>in this (eg, does the API return the checksum, or just an indication
>that the hardware and software are authorised).

There is no reason I can see, in theory, why you couldn't 

1/ Turn off TPM boot
2/ Install linux
3/ Turn TPM back on checksum-ing the new bootloader.

But yeah, I have only really had a brief look at the TPM
documentation, it might need Windows assistance to do this. And even
if Windows lets you do this, it could potentially destroy any remote
attestation guarantees that could be given, but I don't *think*
bitlocker is really about remote attestation, although that is
something else that can be done with TPM hardware.


In any case, my main points were that:

- Bitlocker is an optional feature that you have to enable.

- The "frustration" referred to in the original Register article was
simply about accessing encrypted data, not about not being able to
dual boot.


Cheers,

Benno
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
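
Added example, not part of the original message and not BitLocker's own code: a simplified Python model of the TPM 1.2 PCR extend operation, showing why chain-loading through a new boot loader changes the measured value and why re-sealing against the new chain (the three steps proposed above) releases the key again. The single PCR, the constructed component byte strings and the `seal`/`unseal` helpers are assumptions for illustration; a real TPM encrypts the sealed blob and spreads measurements over several PCRs.

```python
import hashlib
import hmac

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend: PCR_new = SHA1(PCR_old || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_chain(components) -> bytes:
    """Replay a boot chain into one PCR, starting from the all-zero reset value."""
    pcr = bytes(PCR_SIZE)
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


def seal(secret: bytes, expected_pcr: bytes):
    """Bind a secret to a PCR value (policy check only, no encryption here)."""
    return (expected_pcr, secret)


def unseal(blob, current_pcr: bytes):
    """Release the secret only if the current PCR matches the sealed value."""
    expected_pcr, secret = blob
    return secret if hmac.compare_digest(expected_pcr, current_pcr) else None


# Constructed stand-ins for the measured boot components.
BIOS = b"constructed BIOS image"
WINDOWS_LOADER = b"constructed Windows boot loader"
LINUX_LOADER = b"constructed Linux boot loader"
VOLUME_KEY = b"constructed volume key"

ORIGINAL_CHAIN = [BIOS, WINDOWS_LOADER]
DUAL_BOOT_CHAIN = [BIOS, LINUX_LOADER, WINDOWS_LOADER]

if __name__ == "__main__":
    blob = seal(VOLUME_KEY, measure_chain(ORIGINAL_CHAIN))
    print("original chain:", unseal(blob, measure_chain(ORIGINAL_CHAIN)))
    print("after Linux loader:", unseal(blob, measure_chain(DUAL_BOOT_CHAIN)))
    # Steps 1-3 from the message: re-seal against the new chain.
    blob = seal(VOLUME_KEY, measure_chain(DUAL_BOOT_CHAIN))
    print("after re-seal:", unseal(blob, measure_chain(DUAL_BOOT_CHAIN)))
```

Because each extend hashes the previous PCR value, the result depends on both the content and the order of everything measured, so the extra loader cannot be hidden by what runs after it.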
