>>From: Tzafrir Cohen <[EMAIL PROTECTED]> >>Subject: Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0) >> >>> >>> >> We released KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0). >>> >>> >> http://unit.aist.go.jp/itri/knoppix/index-en.html >>> >>> >> It includes trusted computing software based on TPM(Trusted >>> Platform >>> >>> >> Module). Debian packages on KNOPPIX is validated by Remote >>> Attestation. >>> >>> >>> -------------------------------------------------------^^^^^^^^^^^^^^^^^^^ >>> >>> >>> >>> sounds an awful lot like Remote Exploit to me. >>> >> >>> >>That's indeed remotely similar. >>> >>> Our remote attestation is a kind of CHECKER of two type of database >>> for trustworthy. The database of DSA (Debian Security Advisory) >>> validates the packages of knoppix. The database of platform integrity >>> was created by our samples, which is listed at >>> http://sourceforge.jp/projects/openpts/wiki/PlatformInfo >>> The database validates the boot procedure, which is based on "Trusted >>> Computing". >> >>Sorry, I just don't get it. >> >>Given that the platform includes gcc, perl and python (and wget), what >>practical use is there in in the guarantees you can achive?
The TC-Geeks KNOPPIX is a trial environment. However the technique ,whcih combiles remote attestation and trusted boot, prevents insertion of root kits and offers safe environment. >>What happens if I just innstall something from source? The software work well. If you REPLACE the application which are registered at the database, you can not connect to remote attestation. >>Recall that for the Xbox it only took one buggy game to allow installing >>an arbitrary software (e.g.: Linux) by the user. ------ suzaki -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
