Intel to include DRM in new Pentium 4 series processors
David Wagner
daw at mozart.cs.berkeley.edu
14 Sep 2002 01:17:30 GMT
Brian Gladman wrote:
>Mainly those that involve deliberate or accidental expolitable weaknesses in
>the operating system kernel and the lower level supporting code in driver
>and component BIOSes.
I don't see how TCPA helps with accidental bugs in the OS or its drivers.
Secure boot makes sure you get what you asked for; it doesn't guarantee
that what you asked for is free of buffer overruns in the first place.
[ ... about attacking the boot process ... ]
>I would guess that the number of users who have been attacked using such
>techniques is very, very small.
Right. Are there any reasons to expect this to change? I can't see
any. It seems unlikely to me that attacks on the boot process will
be a significant problem in the foreseeable future for most users.
If attacking the boot process requires physical access, such attacks
won't happen too often.
My point is that, for the typical computer user, the problems TCPA
solves are in the noise compared to the real problems of computer
security (e.g., remotely exploitable buffer overruns in applications).
Rather than providing an order of magnitude improvement in security,
TCPA strikes me as an epsilon improvement, for typical users.