tag:blogger.com,1999:blog-24586388.post1619925805743086461..comments2023-11-24T09:52:43.963+01:00Comments on The Invisible Things Lab's blog: Attacking IntelĀ® Trusted Execution TechnologyJoanna Rutkowskahttp://www.blogger.com/profile/07657268181166351141noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-24586388.post-13490683322487498942009-02-05T21:56:00.000+01:002009-02-05T21:56:00.000+01:00@anonymous: nice to see people start speculating a...@anonymous: nice to see people start speculating about our attack, although you're totally wrong in your guess :P As I wrote, the attack is fairly generic and doesn't depend on the particular implementation of the loader, e.g. tboot. In other words, tboot will not have to be patched to prevent the attack.Joanna Rutkowskahttps://www.blogger.com/profile/07657268181166351141noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-10730657106902061172009-02-05T17:28:00.000+01:002009-02-05T17:28:00.000+01:00Hey Joanna,Really interesting stuff, but I think t...Hey Joanna,<BR/>Really interesting stuff, but I think the attack is based on the OS loader and how the tboot is actually launched during the boot process... still lots more to read I guess lol..Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-24586388.post-20183844933832041542009-01-15T05:46:00.000+01:002009-01-15T05:46:00.000+01:00Nice post, Thank You For SharingNice post, Thank You For SharingSunCatIvhttps://www.blogger.com/profile/04746280240812328331noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-17879882662967509632009-01-06T11:46:00.000+01:002009-01-06T11:46:00.000+01:00@Mike: The tboot versions we played with (recent o...@Mike: The tboot versions we played with (recent ones) do not require any BIOS reflashing, at least on Q35 Intel boards. I would expect any fairly recent BIOS to support TXT as well.<BR/><BR/>Trusted I/O -- I assume you mean Protected Input/Output as it is called in The Grawrock's Book -- this is sort of an additional mechanism and I'm not even sure if it will make it to the TXT anytime soon. Protected In/Out, as I understand it, is more a DRM-like thing, rather then something for building secure VMMs/OSes.<BR/><BR/>I think that current TXT + VT-x + VT-d has already excellent potential, even without this Protected Input/Ouput feature.Joanna Rutkowskahttps://www.blogger.com/profile/07657268181166351141noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-56085852284501763462009-01-06T08:55:00.000+01:002009-01-06T08:55:00.000+01:00I'm glad somebody in the non-corporate security co...I'm glad somebody in the non-corporate security community is willing to stand up for TC. I've been interested in this technology for a long time, and have recently given a tech talk on it here at Google, but a lot of people hear the words "trusted computing" and switch off. <BR/><BR/>BTW I think the reason Microsoft and VMware don't use TXT is that it's really not ready yet. The tboot reference implementation still requires quite obscure hardware and BIOS reflashing to work properly, and TXT doesn't yet provide any trusted I/O, making it useless for a large/interesting set of applications.Unknownhttps://www.blogger.com/profile/09430710585276278181noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-36907907142076556062009-01-05T21:07:00.000+01:002009-01-05T21:07:00.000+01:00Irrational Fear? Sounds like a Baseless Hyperbole ...Irrational Fear? Sounds like a Baseless Hyperbole to me.Shannonhttps://www.blogger.com/profile/17364537218471353555noreply@blogger.comtag:blogger.com,1999:blog-24586388.post-20301500233255103352009-01-05T18:26:00.000+01:002009-01-05T18:26:00.000+01:00You should check out Secure64's offering. (www.sec...You should check out Secure64's offering. (www.secure64.com) They have a secure operating system that is immune to tampering. (Disclaimer: I'm the founder of the company, although I'm no longer there.)<BR/><BR/>Cheers,<BR/><BR/>Peter Cranstone<BR/>CEO 5o9 IncAnonymoushttps://www.blogger.com/profile/07858074897556111844noreply@blogger.com