LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Qubes beta 1 released

Qubes beta 1 released

Posted Apr 16, 2011 21:29 UTC (Sat) by cmccabe (guest, #60281)
In reply to: Qubes beta 1 released by jarrett.miller
Parent article: Qubes beta 1 released

> As long as you believe that Intel correctly implemented the hardware and
> correctly implemented the AC module (and here I define correct to mean it
> implements the semantics of the GETSEC[SENTER] instruction without error)
> then TXT does indeed allow you to know what is running on your computer
> reliably.

Even if I believe that-- and I already discussed some reasons why I shouldn't-- exploit in another layer of the stack will allow an attacker to run something different on my computer. And even if I magically was able to audit all of that software, it still wouldn't tell me anything about what software is running on, for example, my RAID card, or inside my computer mouse.

You can get closer and closer to certainty, but never reach it.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds