[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Physical access without ultimate power? (was Re: Design principles a
From: |
Jonathan S. Shapiro |
Subject: |
Re: Physical access without ultimate power? (was Re: Design principles and ethics (was [...]))) |
Date: |
Mon, 01 May 2006 07:26:42 -0400 |
On Mon, 2006-05-01 at 09:11 +0200, Bas Wijnen wrote:
> On Mon, May 01, 2006 at 12:29:30AM -0400, Jonathan S. Shapiro wrote:
> > Pierre is correct. You can reinstall. You can even turn the chip off
> > *without* reinstalling (when you turn it on again it will reinitialize).
>
> Of course you can simply install a new system. I was speaking of "upgrading"
> and "bug fixing". This is not possible, because it will effectively be
> "reinstalling" in that you lose all your data (assuming the default was to
> protect it).
It is of course possible that MS will make a mistake in this regard, but
it is perfectly clear how to execute the upgrade within the protocol of
the TCPA hardware.
I agree, however, that MS can only get this wrong once. Ever.
> So you don't lose the power to destroy your operating system, but you do lose
> the power to change it.
This is far too strong. What you lose -- *if* you *choose* to turn the
TCPA hardware on -- is the ability to change those portions of your
operating system that implement the security contract.
shap