Dailydave mailing list archives
Re: CSI 2008 Redux
From: Alexander Sotirov <alex () sotirov net>
Date: Mon, 24 Nov 2008 04:52:14 -0800
On Sun, Nov 23, 2008 at 04:06:40PM +0100, Joanna Rutkowska wrote:
... which, of course, doesn't prevent the hypervisor from being exploited 5 secs after it got securely loaded, e.g. via some buffer overflow bug...
Of course :-)
But, nevertheless, yes, this indeed is a very important feature of the TPM (and the whole trusted boot concept, like e.g. Intel TXT), and people should eventually stop talking that TPM is bad. It is not, and it indeed can provide great value for users concerned about security (and not only physical security!). BTW, I'm also glad to see a VMWare researcher acknowledging it :) So far, only the Xen hypervisor can use the trusted boot mechanism via the Intel-provided tboot component AFAIK. So, looking forward to see the ESX implementing trusted boot at some point in time.
Actually I just quit VMware, so my opinions are my own. I can't speak for the company or comment on ESX. I do agree that TPM has a lot more interesting uses than just DRM. It really looks like we're building something similar to the Secure Hardware Environment from Rainbow's End. I'm not sure if that's a good thing or not, but I doubt it can be stopped, so we might as well try to take advantage of it. Take care, Alex
Attachment:
_bin
Description:
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- CSI 2008 Redux Dave Aitel (Nov 22)
- Re: CSI 2008 Redux RB (Nov 23)
- Re: CSI 2008 Redux Matthijs Koot (Nov 26)
- Re: CSI 2008 Redux RB (Nov 27)
- Re: CSI 2008 Redux Bruce Ediger (Nov 27)
- Re: CSI 2008 Redux RB (Nov 28)
- Re: CSI 2008 Redux Matthijs Koot (Nov 26)
- Re: CSI 2008 Redux RB (Nov 23)
- Re: CSI 2008 Redux Joanna Rutkowska (Nov 23)
- Re: CSI 2008 Redux Alexander Sotirov (Nov 24)