 Honest question:

Why should we trust our TPMs to store a secret? What proves the chip maker, U.S. government, or whoever else doesn't have a backdoor API or method to get them to give up our private key?

https://www.youtube.com/watch?v=0RSH3JXqShE

/cc @2ffa8eb4 
 What happens if my laptop motherboard dies, and I want to move my hard drive to a new computer? What happens if I want to use a bootable Fedora USB key to debug something on the main system? How do I unlock the disk? 
 @54ac4ca4 nothing. It's not a binary thing of secure vs. not secure. It's a question of reducing the amount of hw/sw you have to put your trust in, and isolating key mgmt from the huge attack surface that the OS is.

There appears to be a trend btw to bring the TPM into the CPU, either in separate circuitry on the same chip or even in secure enclaves of the regular CPU. Which means the logic providing the (v)TPM support can then be properly reviewed/be open source.
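Added illustrative example, not posted by anyone in the thread: a stdlib-only Python model of the situation @54ac4ca4 asks about (drive moved to a new board, or booted from a live USB) and of the "reduce what you trust, keep a second unlock path" point in the reply. It models a LUKS2-style volume key with two independent keyslots: one wrapped under a key the TPM derives from a chip-unique seed and the current PCR value (so it fails on a different chip or a different boot path), and one wrapped under a passphrase-derived key that depends on no hardware. The `Tpm`, `LuksVolume`, `wrap`/`unwrap` names, the single-PCR simplification, the XOR+HMAC wrap and the boot measurements are all constructed for the example; only the PCR extend rule (new = SHA-256(old || digest)) is the real TPM behaviour.

```python
"""Toy model of a TPM-bound keyslot beside a recovery-passphrase keyslot.

Illustrative only: hashlib/hmac stand in for the TPM and for LUKS. This is not
real TPM code, and the wrap scheme is not the one LUKS uses.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional

PCR_INIT = bytes(32)  # a SHA-256 PCR starts out as 32 zero bytes


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """Real TPM2 PCR extend rule: PCR_new = SHA-256(PCR_old || digest)."""
    return hashlib.sha256(pcr + digest).digest()


def wrap(kek: bytes, secret: bytes) -> bytes:
    """Toy authenticated key wrap: XOR with a KEK-derived pad, plus an HMAC tag."""
    pad = hashlib.sha256(b"pad|" + kek).digest()
    ct = bytes(a ^ b for a, b in zip(secret, pad))
    tag = hmac.new(kek, ct, hashlib.sha256).digest()
    return ct + tag


def unwrap(kek: bytes, blob: bytes) -> Optional[bytes]:
    """Return the secret, or None if the KEK does not verify the tag."""
    ct, tag = blob[:32], blob[32:]
    if not hmac.compare_digest(hmac.new(kek, ct, hashlib.sha256).digest(), tag):
        return None
    pad = hashlib.sha256(b"pad|" + kek).digest()
    return bytes(a ^ b for a, b in zip(ct, pad))


class Tpm:
    """Toy TPM: a chip-unique seed that never leaves the object, plus one PCR."""

    def __init__(self) -> None:
        self._seed = os.urandom(32)  # differs per chip, never exported
        self.pcr = PCR_INIT

    def measure(self, component: bytes) -> None:
        """Extend the PCR with the hash of a boot component (firmware, loader, kernel)."""
        self.pcr = pcr_extend(self.pcr, hashlib.sha256(component).digest())

    def pcr_bound_key(self) -> bytes:
        """Key derived from the chip seed and the *current* PCR value.

        A different chip or a different boot path gives a different key, which is
        what ties the keyslot to this machine in this boot state (simplified model
        of sealing to a PCR policy).
        """
        return hmac.new(self._seed, b"seal|" + self.pcr, hashlib.sha256).digest()


class LuksVolume:
    """One volume key, protected by several independent keyslots (LUKS2-style)."""

    def __init__(self) -> None:
        self.volume_key = os.urandom(32)
        self.slots: Dict[str, bytes] = {}

    def enroll_tpm(self, tpm: Tpm) -> None:
        self.slots["tpm2"] = wrap(tpm.pcr_bound_key(), self.volume_key)

    def enroll_passphrase(self, passphrase: bytes) -> None:
        salt = os.urandom(16)
        kek = hashlib.pbkdf2_hmac("sha256", passphrase, salt, 200_000)
        self.slots["recovery"] = salt + wrap(kek, self.volume_key)

    def unlock_tpm(self, tpm: Tpm) -> Optional[bytes]:
        return unwrap(tpm.pcr_bound_key(), self.slots["tpm2"])

    def unlock_passphrase(self, passphrase: bytes) -> Optional[bytes]:
        salt, blob = self.slots["recovery"][:16], self.slots["recovery"][16:]
        kek = hashlib.pbkdf2_hmac("sha256", passphrase, salt, 200_000)
        return unwrap(kek, blob)


def boot(tpm: Tpm, *components: bytes) -> Tpm:
    """Replay a boot: reset the PCR and measure each component in order."""
    tpm.pcr = PCR_INIT
    for c in components:
        tpm.measure(c)
    return tpm


def demo() -> Dict[str, bool]:
    """Constructed scenario: enroll on one laptop, then try each failure case."""
    fw, loader, kernel = b"vendor-uefi-1.2", b"shim+grub", b"vmlinuz-6.8"
    live_usb_kernel = b"fedora-live-usb"
    passphrase = b"correct horse battery staple"

    laptop = boot(Tpm(), fw, loader, kernel)
    vol = LuksVolume()
    vol.enroll_tpm(laptop)
    vol.enroll_passphrase(passphrase)

    vk = vol.volume_key
    return {
        # Normal boot on the original board: PCR matches, TPM slot opens.
        "same_board_tpm": vol.unlock_tpm(boot(laptop, fw, loader, kernel)) == vk,
        # Same board, booted from a live USB: kernel measurement differs, TPM refuses.
        "live_usb_tpm": vol.unlock_tpm(boot(laptop, fw, loader, live_usb_kernel)) == vk,
        # Drive moved to a new board: different chip seed, refused even on an identical boot.
        "new_board_tpm": vol.unlock_tpm(boot(Tpm(), fw, loader, kernel)) == vk,
        # Recovery passphrase depends on no hardware at all.
        "recovery_passphrase": vol.unlock_passphrase(passphrase) == vk,
        "wrong_passphrase": vol.unlock_passphrase(b"wrong") == vk,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:20s} {'unlocked' if ok else 'refused'}")
```

The design point the model makes: the TPM slot only ever has to be trusted with a key that is useless off this chip and outside this boot state, while the passphrase slot is what you fall back on when the board dies or you boot a rescue image, so enrolling the TPM never means enrolling only the TPM.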