March 6th, 2010 at 05:22pm Under TPM
I’m pleased to see another big vote in favour of the Trusted Computing Group’s Trusted Platform Module, with the announcement at the RSA Conference by Will Drewey of Google that all Google netbook products will ship with a TPM on board and a trusted boot path. The experienced user can disable all this, but they [...]
Continue Reading Google’s Chrome OS netbooks to feature TPMs
By Ken Y-N Add comment
February 23rd, 2010 at 03:41pm Under TPM
I’ve just learnt of two articles that take a calmer look at the recent Black Hat TPM hack - first, PC Security Hack Is No Big Deal by Gerson Lehrman Group, then Old hacks never die, they just attack new systems by Government Computer News.
Continue Reading More coverage on the Black Hat TPM hack
Tags: black hat
By Ken Y-N Add comment
February 5th, 2010 at 03:12pm Under TPM
The big news of the last week in the Trusted Computing world has been an announcement of an attack on a TPM. The full article is very interesting to see how the attack took place.
The Trusted Computing Group has also published their opinion on the attack, which highlights that nothing is ever 100% secure, but [...]
Continue Reading Hardware attack on Trusted Platform Module
Tags: black hat
By Ken Y-N Add comment
January 18th, 2010 at 03:15pm Under TPM
Here’s a bit of a technically inaccurate but sufficiently curious post from The Register on Apple’s control over the software on the iPhone. The main thrust of the article is about the impending (or otherwise…) release of the iSlate or whatever the rumoured Apple tablet will be called, but they have this comment:
Microsoft once suggested [...]
Continue Reading Apple’s iPhone control versus the TPM
By Ken Y-N Add comment
December 16th, 2009 at 02:29pm Under TPM
There was an interesting post on the FPGA Gurus blog recently, looking at Sidechannel attacks of FPGAs and how they relate to the TPM. It notes that Cryptography Research, the leaders in developing defensive methods against power analysis attacks on hardware, are working with the Trusted Computing Group on issues surrounding these kinds of attacks [...]
Continue Reading Differential Power Analysis and the Trusted Platform Module
Tags: cryptography research, dpa, fips-140, fpga
By Ken Y-N Add comment
December 14th, 2009 at 02:48pm Under TPM
As I suspected two months ago when the Evil Maid first came to my attention, she can get at your hard disk encryption passwords even if you use TPM, as discussed in a recent article on The H. Note that even though they described the hack in detail, Fraunhofer also stressed that:
Despite the security vulnerability, [...]
Continue Reading Fraunhofer SIT and their BitLocker TPM hacks
Tags: bitlocker, evil maid, Fraunhofer, heise
By Ken Y-N Add comment
November 27th, 2009 at 04:20pm Under TPM
With Google recently releasing the design documents for their Chromium (Chrome) OS I was also curious to see if they had considered the Trusted Computing Group’s Trusted Platform Module, so I was pleased to see a sub-section on TPM support in the description of firmware boot. However, all that section says is that a TPM [...]
Continue Reading Google Chromium (Chrome) OS versus the TPM
Tags: berlios, chrome, chromium, google, tpm emulator, trusted boot, verified boot
By Ken Y-N 1 comment
November 19th, 2009 at 12:38pm Under TPM
On ComputerWeekly.com there’s a rather truncated article about why corporate adoption of TCG standards are low. About the only bit of the article I can agree with is:
latent suspicion is very much alive
But all the rest seems very much a collection of various rumours, rather than a serious study as suggested by the featuring of [...]
Continue Reading Trusted Computing rejected due to privacy, security concerns
Tags: isaca
By Ken Y-N Add comment
November 17th, 2009 at 03:04pm Under TPM
In an interesting development reported on by EE Times, Infineon Technologies AG are to get their Trusted Platform Module Certificate Authority certified by VeriSign. This will give them a Root Certificate which will enable Infineon’s TPMs to issue secure digital certificates.
In related news, on the Trusted Computing Group web site, it notes that Infineon’s TPM [...]
Continue Reading VeriSign to endorse Infineon’s TPM
Tags: ee times, infineon, verisign
By Ken Y-N 2 comments
November 7th, 2009 at 02:39pm Under TPM
I enjoyed reading this article from Scott Hanselman’s ComputerZen blog on how to set up BitLocker but still be able to boot into virtual hard disk images.
It was also interesting to see that Microsoft now require all contractors (and presumably full-time staff too) to encrypt all their drives with BitLocker.
Continue Reading TPM, BitLocker, and Microsoft contractors
By Ken Y-N Add comment
