Security hole

Bruno Wolff III bruno at wolff.to
Sat Dec 10 13:05:25 UTC 2005


On Sat, Dec 10, 2005 at 02:32:23 +0530,
  Anil Kumar Sharma <xplusaks at gmail.com> wrote:
> got to add....
> 
> On 12/10/05, Anil Kumar Sharma <xplusaks at gmail.com> wrote:
> >
> > Trusted Platform Module (TPM), does it help?
> > Can it at all deliver these functions being discussed?
> > I mean does FC4 support this technology?
> > Of course data has to be encrypted, else the data fashions invisible
> > clothing.
> >
> >
> 
> Also, TPM is on mobo, it can even be on hdd (or flash) where the data is.
> But again data has to be stored encrypted. So it leads to Hardware
> encryption via TPM,
> no penalty on CPU, HDD handles compressed data.

TPM won't help as they can pull the disk. TPM is used to ensure that the OS
running is the one it is supposed to be. It doesn't apply to hard disks.

I wouldn't trust built-in HDD encryption for some purposes, as that probably
has a back door for law enforcement as hard drive manufacturers would be
pressured into doing that. And if there is a back door for LE other groups
might have access to it as well.

What you should do depends on what your threat model is. How valuable is
the data? How much would it hurt if other people saw it, it was lost, or
it was changed? What resources do your adversaries have available? What
are the odds of a natural disaster or accidental disaster occurring?



