HackerTrans
TopNewTrendsCommentsPastAskShowJobs

joerichey

no profile record

comments

joerichey
·3 anni fa·discuss
If you accept that _all_ vector spaces have a (Hamel) basis, you can then prove the Axiom of Choice: http://www.math.lsa.umich.edu/~ablass/bases-AC.pdf

This means if you want to deny the Axiom in some cases, you will also have to allow for the existence of vector spaces without a basis.
joerichey
·3 anni fa·discuss
One thing that makes Secure Boot nice is how it (in theory) works _with_ measured boot. You get a measurement into the TPM that contains the public signing key that was used to verify the signature on your bootloader. This means if you update from one signed bootloader to a newer signed bootloader, you don't need to change any disk encryption or sealing.

Of course blocking execution is orthogonal to verifying the boot chain, but unfortunately those issues are conflated in the UEFI spec.
joerichey
·3 anni fa·discuss
Part of the issue with this MSI problem, is that the firmware also measures TPM events that say "Secure Boot is enabled with this configuration" even when it's not. These events are (almost always) used for FDE (via PCR 7) with a TPM.

This means that even if you setup FDE correctly (binding to say PCRs 0, 7, and 11), you would be able to bypass FDE using this MSI bug. For example, BitLocker binds to PCR 7.

You could get around this bug by sealing to PCR 4 (which contains the _hash_ of the bootloader). But then you have to redo FDE sealing every time your bootloader updates.
joerichey
·3 anni fa·discuss
I looked into this on my motherboard, and the issue is that MSI's firmware measures in the TPM events saying "Secure Boot is On", even when it is in this insecure mode.

This means that even if Windows "checks" (via measured boot) that Secure Boot is on, they are still being lied to by the motherboard firmware.
joerichey
·4 anni fa·discuss
Whoops! You're right, instead of "successor" I should have just said "newer".
joerichey
·4 anni fa·discuss
This is actually what the Precision Time Protocol (PTP) does. It's the successor to NTP, so it improves on some of NTP's mistakes. The protocol uses TAI, but also sends the TAI-UTC offset so the computer can display times in UTC.

https://en.wikipedia.org/wiki/Precision_Time_Protocol
joerichey
·4 anni fa·discuss
For future leap seconds, Google (including GCP) are planning to use a "standard" smear (https://developers.google.com/time/smear). This is also the same smear used by AWS.

It seems like if the ITU decides to keep the leap second (a bad idea, in my opinion), the large infrastructure providers will just use the same standard smear for their clocks.
joerichey
·4 anni fa·discuss
One reasonable way to do this could involve running the reference TPM2 simulator [0] on the Arduino. It's just a C library that already implements all the cryptographic routines and TPM2 commands. In fact, this is basically how TPM vendors implement their chips. They just generally have:

  - A lot more hardening against physical attacks
  - Cryptographic libraries optimized for their low-resource hardware
  - (sometimes) a vendor certificate for a primary TPM key, aka an "EK cert"
Certainly a TPM running on an Arduino wouldn't have the physical hardware properties of a "real" TPM. But you could probably get it into a state with similar software properties.

[0] https://github.com/microsoft/ms-tpm-20-ref
joerichey
·4 anni fa·discuss
As someone who's spent too much time with this stuff, you're correct. The TPM (either 1.2 or 2.0) is an entirely _passive_ chip. It only creates keys or measures data if the OS or UEFI asks it to. This means that it can't block or modify programs on your CPU.

Secure Boot is implemented by UEFI, so it can block the loading of a particular bootloader. You can have Secure Boot without a TPM or have a TPM without Secure Boot. They can be useful together though as you can have a disk-encryption key with a policy saying "I can only decrypt stuff if you've booted using Secure Boot in a particular configuration".

As for DRM, the TPM doesn't work very well as part of a DRM solution (as it's entirely passive). This is probably why very few (if any) DRM products use TPM. Most PC DRM that I've heard of either uses Windows Kernel modules or Intel SGX.
joerichey
·4 anni fa·discuss
I don't think that Windows 11 requires any sort of EK cert at all. If they did, it would require them to restrict the TPMs to a list of "approved" vendors.

In this case, they bought the actual TPM2 part of the chip from Infinion, so it might already have an EK Cert on it.