| |||||||||||||
OLS: Linux and trusted computingOLS: Linux and trusted computingPosted Jul 22, 2005 19:12 UTC (Fri) by jwb (guest, #15467)Parent article: OLS: Linux and trusted computing
I find the calcification of software practices implied by the TPM abhorrent. The whole architecture precludes self-modification and algorithm learning. Shall we be stuck in our current state forever? Will 4KiB quanta of unwritable jump tables be the ultimate state of the art in software development? That's pretty stupid, if you asked me.
(Log in to post comments)
Ask? Posted Jul 22, 2005 22:44 UTC (Fri) by ncm (subscriber, #165) [Link] That's kind of the point of the whole process: no one will ask. Once this stuff is in place, mandatory key escrow will be easy to impose.
OLS: Linux and trusted computing Posted Jul 22, 2005 23:11 UTC (Fri) by allenp (guest, #5654) [Link] It's important to note that TPM does not force the thing you abhor. Itenables it along with a bunch of other useful stuff. Technlogy has enabled other bad things, like the various failed copy protection schemes and the DVD CSS contraption. The 'Net considers stuff like that "damage" and routes around it. (Who said that? Spaf?)
OLS: Linux and trusted computing Posted Jul 24, 2005 23:48 UTC (Sun) by havardk (subscriber, #810) [Link] The 'Net considers stuff like that "damage" and routes around it. (Who said that? Spaf?)That quote is by John Gilmore. The context at the time was Usenet though.
OLS: Linux and trusted computing Posted Jul 23, 2005 15:27 UTC (Sat) by zblaxell (subscriber, #26385) [Link] I'm having trouble parsing this...Who is "self" and who is learning? If "self" is the machine, then you're talking about AI software running algorithms that learn. If "self" is the machine's owner, then you're talking about a user exercising free software rights and learning some algorithms.
I don't see why it wouldn't be possible to run an AI under TPM, as long as the AI's bootloader doesn't change (or the AI is smart enough to have its SHA1 sums recertified before trying to do remote attestation ;-). Exercise of free software rights depends on who is signing the code, and what code they are willing to sign.
There are contexts where calcification is quite desirable. If I had one of these on my laptop, I'd use TPM to verify my initrd with the PCR's, then provide part of the key material that protects root and swap (why swap? software suspend). This turns dictionary attacks against the key into an exercise in hardware modification--without access to the data in the TPM, a significant part of the key material is missing. My key material in the TPM would be combined with a passphrase taken from the keyboard by initrd, so that a compromised TPM isn't sufficient to get the disk keys. I have no way to know whether a compromised TPM has permitted a trojan initrd to execute--but that's no different from the status quo.
Once this verification had been done and the key material retrieved, I'd have no other use for the TPM, so I'd put it in untrusted mode (which means I'd need to reboot to use it again). Once the machine is booted, connected to a network, and running application software, there's nothing I could store in the TPM chip (or on disk or in RAM) that couldn't be compromised by a malware attack or OS security breach.
Note that I might still use some parts of the trusted security stack even after booting--e.g. I might personally sign all of the executables in all of the packages I install, and configure the kernel to only execute executables signed by me--but no TPM is needed in this case, since the OS can (and due to limited space in TPM, must) do its own certificate management. That should slow some of the viruses down, if anyone bothers to write some. OTOH, as a user, if it makes OpenOffice.org load any more slowly, I'd probably just turn the whole feature right off. ;-)
To upgrade the kernel, I would reboot the machine, tell my initrd to go into single-user mode with the TPM still authenticated, verify the kernel is the same as the kernel I built, install it, certify it, put the TPM back in untrusted mode, and reboot (or kexec) with the new kernel. Hopefully the kernel's build-time environment or source code wasn't compromised.
Anyone capable of an attack on the physical hardware is probably beyond my ability to defend against them. To me, TPM is a device to prevent data extraction by common thieves, and little more.
TPM provides little or no protection against most malware as long as today's typical general-purpose OS architecture is used. TPM assumes that the OS is capable of enforcing access controls--TPM only ensures that the OS hasn't been modified, not that the OS is actually secure.
Signed binaries Posted Jul 25, 2005 6:17 UTC (Mon) by Ross (subscriber, #4065) [Link] I suspect they would load more slowly... at least the first time; everytimeif there is no caching. However the problem with such things is that an attacker need only find a bug in the kernel or any of the signed binaries which allows running of unsigned code. Even worse consider that the only protected "code" in this situation are machine code binaries and libraries. Any language implemented at a higher level (scripts, macros, etc.) would not be checked. If you want to be able to run bash you are suddenly trusting all the scripts written in bash (though the commands they call may not be allowed unless they are built-ins). 99% of interpreters do not have any way to even know which actions should be allowed.
Signed scripts Posted Jul 26, 2005 1:12 UTC (Tue) by xoddam (subscriber, #2322) [Link] > Even worse consider that the only protected "code" in this situation are> machine code binaries and libraries.
Shebang scripts (starting with a line like #!/usr/bin/perl) can have their signatures checked by the kernel's binfmt_script executable loader in exactly the same way as it's done for ELF binaries.
Checking signatures on scripts loaded in other ways (including modules) would need interpreter support. A large job, but not insurmountable.
|
|||||||||||||