>>From: Tzafrir Cohen <[EMAIL PROTECTED]>
>>Subject: Re: Release: KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0)
>>
>>On Tue, Feb 12, 2008 at 09:02:38PM +0900, Kuniyasu Suzaki wrote:
>>>
>>> >>From: Tzafrir Cohen <[EMAIL PROTECTED]>
>>> >>Subject: Re: Release: KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0)
>>> >>
>>> >>> >>> >> We released KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0).
>>> >>> >>> >> http://unit.aist.go.jp/itri/knoppix/index-en.html
>>> >>> >>> >> It includes trusted computing software based on TPM(Trusted Platform
>>> >>> >>> >> Module). Debian packages on KNOPPIX are validated by Remote Attestation.
>>> >>> >>> -------------------------------------------------------^^^^^^^^^^^^^^^^^^^
>>> >>> >>>
>>> >>> >>> sounds an awful lot like Remote Exploit to me.
>>> >>> >>
>>> >>> >>That's indeed remotely similar.
>>> >>>
>>> >>> Our remote attestation is a kind of CHECKER of two types of database
>>> >>> for trustworthiness. The database of DSA (Debian Security Advisory)
>>> >>> validates the packages of knoppix. The database of platform integrity
>>> >>> was created by our samples, which is listed at
>>> >>> http://sourceforge.jp/projects/openpts/wiki/PlatformInfo
>>> >>> The database validates the boot procedure, which is based on "Trusted
>>> >>> Computing".
>>> >>
>>> >>Sorry, I just don't get it.
>>> >>
>>> >>Given that the platform includes gcc, perl and python (and wget), what
>>> >>practical use is there in the guarantees you can achieve?
>>>
>>> The TC-Geeks KNOPPIX is a trial environment. However, the technique,
>>> which combines remote attestation and trusted boot, prevents insertion
>>> of root kits and offers a safe environment.
>>
>>Your disk image is shipped with a kernel image that has a nice root
>>exploit (vmsplice). Yeah, I know, bad luck. What impact does it have on
>>your guarantees?
>>What impact do your guarantees have on exploitations of that hole?

Yes, TC-Geeks KNOPPIX cannot update, but it is a good example that we need
remote attestation to check vulnerability. :-)
We need to check the kernel at the bootloader stage and keep the chain of trust.

-- suzaki

>>> >>What happens if I just install something from source?
>>>
>>> The software works well.
>>> If you REPLACE an application which is registered in the database,
>>> you cannot connect to remote attestation.
>>>
>>> >>Recall that for the Xbox it only took one buggy game to allow installing
>>> >>an arbitrary software (e.g.: Linux) by the user.
>>
>>So it cannot prevent me from running arbitrary code. It just gives
>>someone a guarantee that certain files are valid.
>>
>>Well, I suspect that if someone is root, the possibilities are basically
>>endless - there are many places where you can just add some files to
>>have an impact on the whole system.
>>
>>--
>>Tzafrir Cohen         | [EMAIL PROTECTED] | VIM is
>>http://tzafrir.org.il |                   | a Mutt's
>>[EMAIL PROTECTED]     |                   | best
>>ICQ# 16849754         |                   | friend
>>
>>
>>--
>>To UNSUBSCRIBE, email to [EMAIL PROTECTED]
>>with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
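
The check discussed in this thread (a verifier comparing reported boot measurements against a reference database) sketched as an added example; it is not part of the original messages and is not OpenPTS code. Component names, database contents and the `verify` function are hypothetical, and it assumes TPM 1.2 style SHA-1 PCR extension with a quoted PCR value that has already been authenticated.

```python
import hashlib

def measure(blob: bytes) -> bytes:
    """SHA-1 digest of a component, as TPM 1.2 measurements use."""
    return hashlib.sha1(blob).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 1.2 extend: new PCR = SHA-1(old PCR || measurement)."""
    return hashlib.sha1(pcr + digest).digest()

def replay(event_log) -> bytes:
    """Recompute the PCR a verifier expects from the reported event log."""
    pcr = bytes(20)  # PCRs start at 20 zero bytes after reset
    for _name, digest in event_log:
        pcr = extend(pcr, digest)
    return pcr

def verify(event_log, quoted_pcr: bytes, reference_db: dict):
    """Return (verdict, findings) for one attestation report."""
    if replay(event_log) != quoted_pcr:
        return "reject", ["event log does not reproduce the quoted PCR"]
    findings = []
    for name, digest in event_log:
        status = reference_db.get(digest, "unknown")
        if status != "ok":
            findings.append(f"{name}: {status}")
    return ("reject" if findings else "accept"), findings

# Constructed sample components (stand-ins for real boot files).
GRUB, OLD_KERNEL, NEW_KERNEL = b"grub-stage2", b"kernel-old", b"kernel-fixed"
# Hypothetical reference database: digest -> verifier's assessment.
REFERENCE_DB = {
    measure(GRUB): "ok",
    measure(NEW_KERNEL): "ok",
    measure(OLD_KERNEL): "known-vulnerable",
}

def boot(*components):
    """Simulate a measured boot; returns (event_log, final PCR value)."""
    log = [(c.decode(), measure(c)) for c in components]
    return log, replay(log)

def demo():
    results = {}
    log, pcr = boot(GRUB, OLD_KERNEL)          # unmodified but outdated image
    results["outdated"] = verify(log, pcr, REFERENCE_DB)
    log, pcr = boot(GRUB, b"kernel-rootkit")   # replaced kernel
    results["replaced"] = verify(log, pcr, REFERENCE_DB)
    forged = [log[0], ("kernel-fixed", measure(NEW_KERNEL))]  # log lies, PCR does not
    results["forged-log"] = verify(forged, pcr, REFERENCE_DB)
    return results
```

Only components that are measured into the log are judged here; a file that is never measured does not appear in the report at all.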