IBM On Trusted Computing, Linux 36
An anonymous reader writes "A number of IBM's computers have been available with an "embedded security subsystem (ESS)" for some time now. This site lists three research papers regarding the new TCPA (Trusted Computing Platform Initiative) security chip developed by IBM, including the full GPL-ed source code to a Linux driver for this chip. In particular, the 'Why TCPA?' paper claims that IBM's TCPA chip is in fact of extremely limited use for DRM, as it contains no tamper resistance; the chip is designed to fend off software attacks, not physical attacks. An interesting take from a company with very solid products."
In other words... (Score:4, Informative)
Watch out with that line of thinking... The ideal system has reasonable internal security as well. If a disgruntled employee can get access to these public/private key pairs, you're worse off than before, because you still maintain the illusion of security.
Like cable modems... (Score:2, Informative)
Hardware attacks, I guess, are not a common senerio that hardware designers really think much about.
Nope (Score:3, Informative)
An employee can get to the keys, but only by hacking the hardware. A possibility (as clearly explained in the articles), but not likely. It's also questionable when getting these keys would _do_; they only seem useful for the single machine itself. And I'd presume a good admin would clear/reset any keys if the machine is transfered to another employee.