Dailydave mailing list archives

Re: CSI 2008 Redux

From: Alexander Sotirov <alex () sotirov net>
Date: Mon, 24 Nov 2008 04:52:14 -0800

On Sun, Nov 23, 2008 at 04:06:40PM +0100, Joanna Rutkowska wrote:

... which, of course, doesn't prevent the hypervisor from being exploited 5 secs
after it got securely loaded, e.g. via some buffer overflow bug...


Of course :-)

But, nevertheless, yes, this indeed is a very important feature of the TPM (and
the whole trusted boot concept, like e.g. Intel TXT), and people should
eventually stop talking that TPM is bad. It is not, and it indeed can provide
great value for users concerned about security (and not only physical security!).

BTW, I'm also glad to see a VMWare researcher acknowledging it :) So far, only
the Xen hypervisor can use the trusted boot mechanism via the Intel-provided
tboot component AFAIK. So, looking forward to see the ESX implementing trusted
boot at some point in time.


Actually I just quit VMware, so my opinions are my own. I can't speak for the
company or comment on ESX.

I do agree that TPM has a lot more interesting uses than just DRM. It really
looks like we're building something similar to the Secure Hardware Environment
from Rainbow's End. I'm not sure if that's a good thing or not, but I doubt it
can be stopped, so we might as well try to take advantage of it.

Take care,
Alex

Attachment: _bin
Description:

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

CSI 2008 Redux Dave Aitel (Nov 22)
- Re: CSI 2008 Redux RB (Nov 23)
  - Re: CSI 2008 Redux Matthijs Koot (Nov 26)
    - Re: CSI 2008 Redux RB (Nov 27)
    - Re: CSI 2008 Redux Bruce Ediger (Nov 27)
    - Re: CSI 2008 Redux RB (Nov 28)
- Re: CSI 2008 Redux Alexander Sotirov (Nov 23)
  - Re: CSI 2008 Redux Joanna Rutkowska (Nov 23)
    - Re: CSI 2008 Redux Alexander Sotirov (Nov 24)