Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0)
On Mon, Feb 11, 2008 at 07:31:11AM -0800, Andrew Sackville-West wrote:
> On Mon, Feb 11, 2008 at 11:32:51AM +0000, steef wrote:
> > Kuniyasu Suzaki wrote:
> >> Dear,
> >>
> >> We released KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0).
> >> http://unit.aist.go.jp/itri/knoppix/index-en.html
> >> It includes trusted computing software based on TPM(Trusted Platform
> >> Module). Debian packages on KNOPPIX is validated by Remote Attestation.
> -------------------------------------------------------^^^^^^^^^^^^^^^^^^^
>
> sounds an awful lot like Remote Exploit to me.
That's indeed remotely similar.
It means that someone at a different machine on the network can be
guaranteed that this specific software is only running on that system.
Naturally this will not work without BIOS-level support.
See e.g.: http://lwn.net/Articles/144681/
That said, I don't fully understand what they attempt to provide.
>From the little I understand, I figure that their system tries to
guarantee that all software is valid Debian debs (plus some bits from
their repositories). I have no idea how they implemented this. I have no
idea what are the actual guarantees of kernel-level "trusted computing"
to a system as complex as Debian.
--
Tzafrir Cohen | tzafrir@jabber.org | VIM is
http://tzafrir.org.il | | a Mutt's
tzafrir@cohens.org.il | | best
ICQ# 16849754 | | friend
Reply to: