Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0)
>>From: Tzafrir Cohen <tzafrir@cohens.org.il>
>>Subject: Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0)
>>
>>> >>> >> We released KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0).
>>> >>> >> http://unit.aist.go.jp/itri/knoppix/index-en.html
>>> >>> >> It includes trusted computing software based on TPM(Trusted Platform
>>> >>> >> Module). Debian packages on KNOPPIX is validated by Remote Attestation.
>>> >>> -------------------------------------------------------^^^^^^^^^^^^^^^^^^^
>>> >>>
>>> >>> sounds an awful lot like Remote Exploit to me.
>>> >>
>>> >>That's indeed remotely similar.
>>>
>>> Our remote attestation is a kind of CHECKER of two type of database
>>> for trustworthy. The database of DSA (Debian Security Advisory)
>>> validates the packages of knoppix. The database of platform integrity
>>> was created by our samples, which is listed at
>>> http://sourceforge.jp/projects/openpts/wiki/PlatformInfo
>>> The database validates the boot procedure, which is based on "Trusted
>>> Computing".
>>
>>Sorry, I just don't get it.
>>
>>Given that the platform includes gcc, perl and python (and wget), what
>>practical use is there in in the guarantees you can achive?
The TC-Geeks KNOPPIX is a trial environment. However the technique
,whcih combiles remote attestation and trusted boot, prevents insertion
of root kits and offers safe environment.
>>What happens if I just innstall something from source?
The software work well.
If you REPLACE the application which are registered at the database,
you can not connect to remote attestation.
>>Recall that for the Xbox it only took one buggy game to allow installing
>>an arbitrary software (e.g.: Linux) by the user.
------
suzaki
Reply to: