TPM and Windows Vista TPM Services

TPM and Windows Vista TPM Services Matty 12-29-2006
Posted by Matty on December 29, 2006, 5:40 pm
Hi there all, I am working on a document on Windows Vista TPM Services,
and I have several questions I'm hoping someone can answer as well as
several thoughts I'd like some feedback on. Feel free to address any
combination of my comments/points, but I ask that you please try to be
informative and thoughtful in your reply; I'd like to really learn
something after all ;-)
1) Is the Endorsement Key used to create the hashes of integrity
monitoring/reporting metrics? If not, what key is used?

2) The TBB of a trusted platform is the TPM and the CRTM. The CRTM is
either a portion of or the entire BIOS code. Both of these components
must be trusted, and updates must be controlled. However, currently
3rd party BIOSes are prevalent, and anyone can update them. If this
situation does not change then basically 1 of the 2 components of the
TBB cannot really be trusted. How can we really ever have a trusted
computing platform if one of the 2 TBBs can be compromised? Perhaps
this issue is being addressed when I read the phrase "TPM-compliant
BIOS."


3) A trusted computing platform using a 1.2 TPM and Windows Vista can
enable Secure Startup and BitLocker drive encryption to secure data
cryptographically. If the drive from this trusted computing platform
is stolen and placed into another system running another operating
system, then what is the attacker missing in order to access the data?
The same thing they were missing before the trusted computing platform
was around: the encryption key. Therefore, doesn't the attacker
still have the same methods of brute force attack at their disposal for
cracking the encryption of the volume? How does the TPM make this
different once the drive has been removed from the system?


4) I am trying to write scripts to perform basic TPM management tasks.
Microsoft has some documentation on the Win32_Tpm class which is
supposed to be used for this sort of thing, but I have not had any
success getting scripts to work on my Windows Vista 32-bit or 64-bit
installations. In the end I simply tried to search for the Win32_Tpm,
and could not even find it. The method for searching for the class was
to use the script below, and then pipe it to | findstr /I "Win32_Tpm".


=======================================
strComputer = "."
' Win32_Tpm is not defined directly under \root; on Vista it lives in
' \root\CIMV2\Security\MicrosoftTpm, so connect to that namespace.
strNamespace = "\root\CIMV2\Security\MicrosoftTpm"

' Two backslashes are needed after "winmgmts:" to form \\.\root\...
Set objSWbemServices = GetObject("winmgmts:\\" & strComputer & strNamespace)

' SubClassesOf() with no argument lists only the classes of the
' namespace the connection was made to, not those of child namespaces.
Set colClasses = objSWbemServices.SubClassesOf()
For Each objClass in colClasses
    Wscript.Echo objClass.Path_.Path
Next
=======================================


I have some more questions floating around somewhere, but this is a
good start.


Thanks in advance for your replies.


Matt
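An added illustration for questions 1 and 3, not part of Matt's post: integrity measurements are not produced with the Endorsement Key. A TPM 1.2 platform configuration register (PCR) is updated with the extend rule PCR_new = SHA-1(PCR_old || SHA-1(measured component)), so the final PCR value depends on every component measured since power-on and on their order. A key can then be "sealed" to a PCR value: the disk only ever holds the sealed blob, and the TPM releases the key only when the current PCR value matches the one at sealing time. The script below is a simplified model written for this page (the TPM seals with an RSA key under the Storage Root Key, not with the HMAC-and-XOR construction used here; the "TPM secret" values, boot-component blobs and volume key are all constructed sample data). It shows why a drive moved to another machine, or booted through a modified boot loader on the same machine, gets no key to brute-force a volume with: the attacker does not have ciphertext of the key under a key they could search for, they have a blob that a different TPM, or the same TPM with different PCR values, simply refuses to unseal.

```python
import hashlib
import hmac
from typing import Optional

PCR_LEN = 20  # TPM 1.2 PCRs hold a SHA-1 digest (20 bytes)


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM 1.2 extend rule: PCR_new = SHA-1(PCR_old || SHA-1(measured code))."""
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()


def measure_boot_chain(components) -> bytes:
    """Fold each boot component into one PCR, starting from the power-on value of all zeros."""
    pcr = bytes(PCR_LEN)
    for blob in components:
        pcr = pcr_extend(pcr, blob)
    return pcr


def _keystream(key: bytes, length: int) -> bytes:
    """Deterministic keystream for the toy seal/unseal construction."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(tpm_secret: bytes, pcr_value: bytes, data: bytes) -> dict:
    """Bind data to (this TPM, this PCR value). Toy model of TPM sealing, not the real RSA-based one."""
    key = hmac.new(tpm_secret, b"seal|" + pcr_value, hashlib.sha256).digest()
    ciphertext = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
    tag = hmac.new(key, ciphertext, hashlib.sha256).digest()
    return {"ciphertext": ciphertext, "tag": tag}


def unseal(tpm_secret: bytes, current_pcr: bytes, blob: dict) -> Optional[bytes]:
    """Release the data only if the same TPM secret and the same PCR value are presented."""
    key = hmac.new(tpm_secret, b"seal|" + current_pcr, hashlib.sha256).digest()
    expected = hmac.new(key, blob["ciphertext"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None  # different TPM, or boot chain differs from the sealed PCR value
    ks = _keystream(key, len(blob["ciphertext"]))
    return bytes(a ^ b for a, b in zip(blob["ciphertext"], ks))


# Constructed sample data for this example; not real firmware, keys or TPM values.
GOOD_CHAIN = [b"CRTM v1", b"BIOS v1", b"MBR", b"bootmgr"]
TAMPERED_CHAIN = [b"CRTM v1", b"BIOS v1", b"MBR", b"modified bootmgr"]
TPM_A = hashlib.sha256(b"constructed secret held inside TPM A").digest()
TPM_B = hashlib.sha256(b"constructed secret held inside TPM B").digest()
VOLUME_KEY = hashlib.sha256(b"constructed volume master key").digest()


def scenario(sealing_tpm: bytes, unsealing_tpm: bytes, boot_chain) -> Optional[bytes]:
    """Seal the volume key on the original platform, then try to unseal it elsewhere."""
    blob = seal(sealing_tpm, measure_boot_chain(GOOD_CHAIN), VOLUME_KEY)
    return unseal(unsealing_tpm, measure_boot_chain(boot_chain), blob)


def same_tpm_same_boot() -> bool:
    return scenario(TPM_A, TPM_A, GOOD_CHAIN) == VOLUME_KEY


def drive_moved_to_other_machine() -> bool:
    return scenario(TPM_A, TPM_B, GOOD_CHAIN) is None


def same_tpm_tampered_bootloader() -> bool:
    return scenario(TPM_A, TPM_A, TAMPERED_CHAIN) is None


if __name__ == "__main__":
    print("same TPM, untampered boot chain -> key released:", same_tpm_same_boot())
    print("drive moved to another machine -> refused:", drive_moved_to_other_machine())
    print("same TPM, modified boot loader -> refused:", same_tpm_tampered_bootloader())
```

The extend step is the part worth remembering when reading about a "TPM-compliant BIOS": the CRTM is the first code measured, so if it is replaced the PCR value changes and everything sealed to the old value stays locked, which is how the design copes with a BIOS that cannot itself be kept tamper-proof.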

