| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: dufresne at winternet.com (Ron DuFresne) Subject: Trustworthy Computing Mini-Poll On Fri, 20 Dec 2002, Simon Richter wrote: [SNIP] > > I'd say protection from binary viruses and stack overflows, plus if > someone breaks into your computer and you have stored your key in a safe > place you can tell what she modified. So this would be a definitve must > if you're builing a server, and I'm asking now whether you would like > those features on your home box as well, even if you had to give up DVD > copying or get special illegal hardware for it. > tripwire and any other applcation that stores and checks md5 or sha1 checksum signatures for files already accomplishes the later part above, if properly maintained. So, TCPA would be overkill, and redundant for those that already use applications for this purpose. > Basically I'm on your side -- but I fear that if noone speaks up and > points out a better alternative, we will be stuck with TCPA as it > currently is, and lose the options we currently have anyway (since we > cannot decrypt stuff from the Internet or from DVDs on our hardware). So > I'm searching for a better alternative. I'm ignoring all the copy > protection stuff since it will be broken withing a few moths anyway, and > just concentrate on the stuff M$ invented against the OSS people. > Initiatives like this tend to fail, miserably when they are dominated by single chipmakers rather then rooled out as an industry standard. Intel and the M$ folks have to gain far more buy in to really gain a silod foothold, unless that foothold stands only for the home desktop user. The better alternative is ruuning the proper products to avoid viri and unwarranted access to systems and resources as well as education and a heightened sense of paranoia, which seems to be lacking in most lusers and many admins today. > > Your old computers cannot do evil things -- they cannot access media > created since the TCPA rollout. Unless that 'protection ends up eing as flawed as that for the adobe web-books or the recording industries anti-piracy protections... [SNIP] Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Powered by blists - more mailing lists