On Fri, Feb 20, 2009 at 1:48 AM, Courtay Olivier <[email protected]> wrote: > Their are available here: > http://theinvisiblethings.blogspot.com/2009/02/attacking-intel-txt-paper-and-slides.html
Thanks, that was interesting. They focus on breaking the SMM mode, apparently via BIOS bugs. Just reading BIOS SMM code is actually quite difficult, and they exploited a different BIOS bug to be able to do that. Then they found bugs in the BIOS SMI handling code which could allow further exploits. The PC architecture is such a hack. One wonders sometimes if the idea of making a PC into a "trusted computer" is just a pipe dream. TXT is supposed to be protected against SMM via a SMM Transfer Monitor, STM. None of these exist yet apparently. The authors point out that there will be no guarantee that they work right, when they do come out. I'd suggest that you could say the same thing about the SINIT module which is at least as important. I wish Intel would publish the source code of these modules for review. In any case I believe the STM code is part of what gets hashed into the PCRs on TXT launch, right? So in the future you will be able to tell if a system has implemented an STM, which should add confidence that the TXT mode is secure. Hal Finney ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ tboot-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/tboot-devel
