sad treacherous computing day

Sam Morris sam at
Mon May 7 15:11:15 UTC 2007

On Mon, 07 May 2007 16:28:24 +0200, Alfred M. Szmidt wrote:

> This example has nothing to do with TC or DRM.  This is how just about
> any modern operating system works.  I cannot update the kernel on this
> machine since I do not have the permission to do so because the kernel
> disallows me to do that task, but there is no need for a specially
> crippled chip for this task.  So I still do not see the use of DRM/TC.

An attacker who has physical access to your machine can pull the disk and 
put his own kernel on it that will perform his own nefarious tasks. But 
if you made use of the TC module then I believe you can prevent him from 
being able to do this -- the system will simply refuse to load his 
modified kernel.

If *you* have the keys to the TC module then it becomes a very powerful 
tool for ensuring that your systems are not compromised while your back 
is turned. If someone else has the keys to the machine then obviously the 
machine belongs to them, and you are just a user (e.g., games consoles, 
some mobile phones).

Sam Morris

PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B  C869 B219 7FDB 5EA0 1078

More information about the Discussion mailing list