
Re: Release: KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0)



On Tue, Feb 12, 2008 at 09:02:38PM +0900, Kuniyasu Suzaki wrote:
> 
>  >>From: Tzafrir Cohen <tzafrir@cohens.org.il>
>  >>Subject: Re: Release: KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0)
>  >>
>  >>>  >>> >> We released KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0).
>  >>>  >>> >>    http://unit.aist.go.jp/itri/knoppix/index-en.html
>  >>>  >>> >> It includes trusted computing software based on TPM(Trusted Platform
>  >>>  >>> >> Module). Debian packages on KNOPPIX are validated by Remote Attestation.
>  >>>  >>> --------------------------------------------------------^^^^^^^^^^^^^^^^^^^
>  >>>  >>> 
>  >>>  >>> sounds an awful lot like Remote Exploit to me.
>  >>>  >>
>  >>>  >>That's indeed remotely similar.
>  >>> 
>  >>> Our remote attestation is a kind of CHECKER of two types of database
>  >>> for trustworthiness. The database of DSA (Debian Security Advisory)
>  >>> validates the packages of knoppix.  The database of platform integrity
>  >>> was created by our samples, which is listed at
>  >>>   http://sourceforge.jp/projects/openpts/wiki/PlatformInfo
>  >>> The database validates the boot procedure, which is based on "Trusted
>  >>> Computing".
>  >>
>  >>Sorry, I just don't get it.
>  >>
>  >>Given that the platform includes gcc, perl and python (and wget), what
>  >>practical use is there in the guarantees you can achieve?
> 
> The TC-Geeks KNOPPIX is a trial environment. However, the technique,
> which combines remote attestation and trusted boot, prevents insertion
> of root kits and offers a safe environment.

Your disk image is shipped with a kernel image that has a nice root
exploit (vmsplice). Yeah, I know, bad luck. What impact does it have on
your guarantees?

What impact do your guarantees have on exploitations of that hole?

> 
>  >>What happens if I just install something from source?
> 
> The software works well.
> If you REPLACE the applications which are registered in the database,
> you cannot connect to remote attestation.
> 
>  >>Recall that for the Xbox it only took one buggy game to allow installing
>  >>an arbitrary software (e.g.: Linux) by the user.

So it cannot prevent me from running arbitrary code. It just gives
someone a guarantee that certain files are valid.

Well, I suspect that if someone is root, the possibilities are basically
endless - there are many places where you can just add some files to
have an impact on the whole system.

-- 
Tzafrir Cohen         | tzafrir@jabber.org | VIM is
http://tzafrir.org.il |                    | a Mutt's
tzafrir@cohens.org.il |                    |  best
ICQ# 16849754         |                    | friend
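
Added example, not part of the original message and not OpenPTS code: a simplified Python model of the measure-and-check scheme discussed in this thread, showing what a verifier with a database of registered files can and cannot conclude. It assumes TPM 1.2-style SHA-1 extends, leaves out the signed quote, and uses constructed paths and contents; `measure`, `verify` and `scenario` are hypothetical names.

```python
import hashlib

def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    # TPM 1.2 extend operation: PCR_new = SHA1(PCR_old || digest)
    return sha1(pcr + digest)

def measure(files: dict) -> tuple:
    """Client side: hash each file, log it, and fold it into the PCR."""
    pcr, log = bytes(20), []
    for path, content in files.items():
        digest = sha1(content)
        log.append((path, digest))
        pcr = extend(pcr, digest)
    return log, pcr

def verify(log: list, quoted_pcr: bytes, database: dict) -> tuple:
    """Verifier side: replay the log against the PCR, then compare
    only the paths that have a reference value in the database."""
    pcr = bytes(20)
    for _, digest in log:
        pcr = extend(pcr, digest)
    if pcr != quoted_pcr:
        return False, ["measurement log does not match quoted PCR"]
    bad = [p for p, d in log if p in database and database[p] != d]
    return not bad, bad

# Constructed sample data (assumption: two registered packages).
GOOD = {"/bin/login": b"login v1", "/usr/bin/wget": b"wget v1"}
DATABASE = {path: sha1(content) for path, content in GOOD.items()}

def scenario(files: dict) -> tuple:
    log, pcr = measure(files)
    return verify(log, pcr, DATABASE)

if __name__ == "__main__":
    # 1. Untouched system: attestation succeeds.
    print(scenario(GOOD))
    # 2. A registered file is replaced: attestation fails and names it.
    print(scenario({**GOOD, "/bin/login": b"login modified"}))
    # 3. An unregistered file is added: nothing to compare against, so it passes.
    print(scenario({**GOOD, "/usr/local/bin/tool": b"built from source"}))
```

The third scenario passes because the verifier holds reference values only for registered paths, which is the coverage limit raised in the message above.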

