[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0)

On Mon, Feb 11, 2008 at 07:31:11AM -0800, Andrew Sackville-West wrote:
> On Mon, Feb 11, 2008 at 11:32:51AM +0000, steef wrote:
> > Kuniyasu Suzaki wrote:
> >> Dear,
> >>
> >> We released KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0).
> >>    http://unit.aist.go.jp/itri/knoppix/index-en.html
> >> It includes trusted computing software based on TPM(Trusted Platform
> >> Module). Debian packages on KNOPPIX is validated by Remote Attestation.
> -------------------------------------------------------^^^^^^^^^^^^^^^^^^^
> sounds an awful lot like Remote Exploit to me.

That's indeed remotely similar.

It means that someone at a different machine on the network can be
guaranteed that this specific software is only running on that system.
Naturally this will not work without BIOS-level support.

See e.g.: http://lwn.net/Articles/144681/

That said, I don't fully understand what they attempt to provide.

>From the little I understand, I figure that their system tries to
guarantee that all software is valid Debian debs (plus some bits from
their repositories). I have no idea how they implemented this. I have no
idea what are the actual guarantees of kernel-level "trusted computing" 
to a system as complex as Debian. 

Tzafrir Cohen         | tzafrir@jabber.org | VIM is
http://tzafrir.org.il |                    | a Mutt's
tzafrir@cohens.org.il |                    |  best
ICQ# 16849754         |                    | friend

Reply to: