[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0)

 >>From: Tzafrir Cohen <tzafrir@cohens.org.il>
 >>Subject: Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0)
 >>>  >>> >> We released KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0).
 >>>  >>> >>    http://unit.aist.go.jp/itri/knoppix/index-en.html
 >>>  >>> >> It includes trusted computing software based on TPM(Trusted Platform
 >>>  >>> >> Module). Debian packages on KNOPPIX is validated by Remote Attestation.
 >>>  >>> -------------------------------------------------------^^^^^^^^^^^^^^^^^^^
 >>>  >>> 
 >>>  >>> sounds an awful lot like Remote Exploit to me.
 >>>  >>
 >>>  >>That's indeed remotely similar.
 >>> Our remote attestation is a kind of CHECKER of two type of database
 >>> for trustworthy. The database of DSA (Debian Security Advisory)
 >>> validates the packages of knoppix.  The database of platform integrity
 >>> was created by our samples, which is listed at
 >>>   http://sourceforge.jp/projects/openpts/wiki/PlatformInfo
 >>> The database validates the boot procedure, which is based on "Trusted
 >>> Computing".
 >>Sorry, I just don't get it.
 >>Given that the platform includes gcc, perl and python (and wget), what
 >>practical use is there in in the guarantees you can achive?

The TC-Geeks KNOPPIX is a trial environment. However the technique
,whcih combiles remote attestation and trusted boot, prevents insertion 
of root kits and offers safe environment.

 >>What happens if I just innstall something from source?

The software work well. 
If you REPLACE the application which are registered at the database,
you can not connect to remote attestation.

 >>Recall that for the Xbox it only took one buggy game to allow installing
 >>an arbitrary software (e.g.: Linux) by the user.


Reply to: