Re: [OT] Trusted Computing and GnuPG

To: debian-user@lists.debian.org
Subject: Re: [OT] Trusted Computing and GnuPG
From: Gnu-Raiz <Gnu-Raiz@midsouth.rr.com>
Date: Thu, 17 Mar 2005 11:12:23 -0600
Message-id: <[🔎] 20050317171222.GB15036@midsouth.rr.com>
In-reply-to: <[🔎] 1111075845.8696.62.camel@haggis.homelan>
References: <[🔎] 1111075845.8696.62.camel@haggis.homelan>

On 10:10, Thu 17 Mar 05, Ron Johnson wrote:
> 
> http://news.com.com/Hardware+security+sneaks+into
> +PCs/2100-7355_3-5619035.html?tag=st.num
> 
> "The technology locks specialized encryption keys in a data
> vault--essentially a chip on the computer's motherboard."
> 
> The PGP & SSH keys that some people currently store on USB thumb
> drives, would we be able to store them in this TC chip?
> 
> -- 
> -----------------------------------------------------------------
> Ron Johnson, Jr.
> Jefferson, LA USA
> PGP Key ID 8834C06B I prefer encrypted mail.
> 
> "My advice to you is to get married: If you find a good wife, you
> will be happy; if not, you will become a philosopher."
> Socrates
> 

If I read the article right, your OS has to access and
assiminate the needed data on the chip. So for right now this chip could
not be used for this purpose at this time. If you remember
this whole trusted computer stuff, is a way to lock down
harddware data access. 

Why would you want to store your SSH keys on the chip, what
happens if someone steals you computer, they now have all
your keys in one spot. Ok it can happen today as well, so I
really do not think that having a vault will solve that many
problems. What it will do is drive up less open access,
which is really against the whole free software idea, as
well as against the open source ideals.

Then you need to consider hardware failures, if your
harddrive fails can you access the data on another system? I
do not see any advantage to this over what is in place right
now. Now if your Microsoft then sure its a gold mine,
because you can lock down the hardware and refuse others to
not access data written with your formats, same goes for
DVD's.

The solution I see for this problem is not to buy DRM ladden
hardware. I know I will not buy another system from the
listed manufactures. I want open access to all my hardware,
as well as software, if I buy a motherboard I will go out of
my way to not have the chip listed. The same goes for other
hardware if it states it supports this chip I will get one
that does not.

If the market does go this route, then I might not have a
choice, but if it work for Microsoft, then it can work for
Open Source. I would love to get a system that only allows a
user to use Open Source Software, and will refuse to install
Windows, or Office. Now that would be cool, no forced
upgrades, no bloated software forced upon us because this
little chip stores the only allowed data. 

As we all know if a person has access to the hardware, it is
insecure, so if they are doing this for security it might
not work as planned.

Gnu-Raiz

Reply to:

Follow-Ups:
- Re: [OT] Trusted Computing and GnuPG
  - From: Ron Johnson <ron.l.johnson@cox.net>

References:
- [OT] Trusted Computing and GnuPG
  - From: Ron Johnson <ron.l.johnson@cox.net>

Prev by Date: Re: cdrecord: no blanking of CD-RW possible
Next by Date: RE: [OT] Trusted Computing and GnuPG
Previous by thread: [OT] Trusted Computing and GnuPG
Next by thread: Re: [OT] Trusted Computing and GnuPG
Index(es):
- Date
- Thread