[CentOS] TPM and secure boot

Mon May 20 03:07:22 UTC 2013
Michael H. Warfield <mhw at WittsEnd.com>

On Sun, 2013-05-19 at 14:38 -0700, John R Pierce wrote:
> On 5/19/2013 2:06 PM, Reindl Harald wrote:
> > Am 19.05.2013 22:59, schrieb John R Pierce:
> >> >is this typically used in conjunction with disk encryption such that the
> >> >TPM module supplies the decryption keys? does linux have any concept
> >> >of signed executables, kernel, and so forth? would replacing the RPM
> >> >keys with keys signed by our own certificate authority such that the TPM
> >> >would be involved in RPM authentication be practical?
> > did you not read any IT news in the last year?
> > forget it on CentOS / RHEL currently
> >
> > even Fedora is far far away from what you think you need and the
> > complete chain of trust is more or less impossible on a opensource
> > system without make any 3rd party kernel module completly impossible
> >
> > https://fedoraproject.org/wiki/Secureboot
> > http://www.networkworld.com/community/blog/microsofts-secure-boot-red-hat-request-ignites-linus-torvalds-nsfw-flame-war

The comment that the complete chain of trust is more or less impossible
on a opensource system without make any 3rd party kernel module
completly impossible" is complete and utter bullshit, within the real
that ANYTHING can be a "complete chain of trust" in OpenSource or closed
source.  OpenSource has no disadvantage (and some advantages - peer
review and support) in this arena.  Cryptographers accept that the
security of a crypto system does NOT depend on the secrecy of the
algorithm but only upon the secrecy of the keys (private or shared).
Anyone telling you otherwise has something to sell you.

You might review Joanna (little miss blue pill) Rutkowska's work on the
"anti evil maid" to counter the "evil maid attack" against encrypted
drives.  If you wish to secure a system using TPM, this would be the
place to start.

> TPM is not the same as the new secureboot UEFI BIOS stuff.   this is an 
> optional module (tamperproofed so if its unplugged, it erases) on most 
> server motherboards, you initialize it with your OWN security keys if 
> you want to use it, Microsoft has nothing to do with it. TPM has been 
> around since 2006 or earlier.
> 
> 
> 
> 
> -- 
> john r pierce                                      37N 122W
> somewhere on the middle of the left coast

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20130519/880a2587/attachment-0005.sig>