| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090524194245.GC1337@ucw.cz> Date: Sun, 24 May 2009 21:42:45 +0200 From: Pavel Machek <pavel@....cz> To: Theodore Tso <tytso@....edu>, "Cihula, Joseph" <joseph.cihula@...el.com>, James Morris <jmorris@...ei.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "mingo@...e.hu" <mingo@...e.hu>, "arjan@...ux.intel.com" <arjan@...ux.intel.com>, "hpa@...or.com" <hpa@...or.com>, "andi@...stfloor.org" <andi@...stfloor.org>, "chrisw@...s-sol.org" <chrisw@...s-sol.org>, "jbeulich@...ell.com" <jbeulich@...ell.com>, "peterm@...hat.com" <peterm@...hat.com>, "Wei, Gang" <gang.wei@...el.com>, "Wang, Shane" <shane.wang@...el.com>, John Gilmore <gnu@...d.com> Subject: Re: [RFC v3][PATCH 2/2] intel_txt: Intel(R) TXT and tboot kernel support Hi! > With TXT, however, all of these problems go away. What you end up > booting is completely under "Circit City's DIVX's" control, and may > include a miniature Windows environment running in the trusted > environment; it could then take over a portion of the screen for the > video output, and the hardware would have special features set up to > prevent the host OS from having any access to the video output of the > movie player running in the TXT environment. (This was how Intel > presented the LaGrande technology to the Kernel Summit several years > ago, and I assume the capabilities of TXT hasn't change significantly > since then.) How does this interact with keyboard handling? > Essentially, it's hard for me to think up situations where the TCPA > chip would not be sufficient in terms of being a solution to a > security problem that has the user's best interests at heart, rather > than that of Hollywood, and where TXT would be a such a solution. > Medical records are perhaps the best example I can come up with; and > maybe some kind of bank security system where you're only allowed to > engage in on-line banking if you run a bank-supplied application in > the TXT environment. However, it's hard for me to believe banks and > hospitals will invest in solutions that implement these sorts of > benign solutions, and it's all too easy for me to believe that > Hollywood will invest in these sorts of solutions. I suspect it does not 'protect' keyboard at all, meaning it is only useful for drm. > The bottom line is it this is a social problem, not a technical > problem, and probably needs to be solved by social means (i.e., an > FSF-led boycott). But from a technical point of view, I would be > shocked if the first major user of the TXT technology *wasn't* to > provide DRM enforcement of one kind or another. I see not merging / dropping changes only useful for drm from linux kernelas a valid 'social means'... Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists