[16802] in cryptography@c2.net mail archive
Re: Dell to Add Security Chip to PCs
daemon@ATHENA.MIT.EDU (Erwann ABALEA)
Fri Feb 4 12:38:29 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 3 Feb 2005 14:49:28 +0100 (CET)
From: Erwann ABALEA <erwann@abalea.com>
To: Dan Kaminsky <dan@doxpara.com>
Cc: "Trei, Peter" <ptrei@rsasecurity.com>,
Tyler Durden <camera_lumina@hotmail.com>, rah@shipwright.com,
cryptography@metzdowd.com, cypherpunks@al-qaeda.net
In-Reply-To: <42016634.2040104@doxpara.com>
On Wed, 2 Feb 2005, Dan Kaminsky wrote:
> Uh, you *really* have no idea how much the black hat community is
> looking forward to TCPA. For example, Office is going to have core
> components running inside a protected environment totally immune to
> antivirus.
How? TCPA is only a cryptographic device, and some BIOS code, nothing
else. Does the coming of TCPA chips eliminate the bugs, buffer overflows,
stack overflows, or any other way to execute arbitrary code? If yes, isn't
that a wonderful thing? Obviously it doesn't (eliminate bugs and so on).
> Since these components are going to be managing
> cryptographic operations, the "well defined API" exposed from within the
> sandbox will have arbitrary content going in, and opaque content coming
> out. Malware goes in (there's not a executable environment created that
> can't be exploited), sets up shop, has no need to be stealthy due to the
> complete blockage of AV monitors and cleaners, and does what it wants to
> the plaintext and ciphertext (alters content, changes keys) before
> emitting it back out the opaque outbound interface.
I use cryptographic devices everyday, and TCPA is not different than the
present situation. No better, no worse.
--
Erwann ABALEA <erwann@abalea.com> - RSA PGP Key ID: 0x2D0EABD5
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
