[go: up one dir, main page]
|
|
Log in / Subscribe / Register

Enabling Intel TXT in Fedora

Enabling Intel TXT in Fedora

Posted Apr 8, 2010 7:30 UTC (Thu) by mjthayer (guest, #39183)
Parent article: Enabling Intel TXT in Fedora

> Depending on hardware vendors for security solutions is not without pitfalls, but we are already dependent on them for the correct functioning of our systems, which includes security.

Since most CPU features are well documented, it is possible to test them quite extensively to see if they work as they should, although if the manufacturer is sneaky enough they could probably still hide something nasty. Hopefully someone would still notice at some point. Is it possible to test the blob in the same way?

And I wonder how long it will take until someone (Redhat sponsored?) reverse engineers the blob à la Nouveau.

to post comments

Enabling Intel TXT in Fedora

Posted Apr 8, 2010 9:02 UTC (Thu) by Trou.fr (subscriber, #26289) [Link]

As you point out, _most_ of the CPU features are documented. Many others are not, and nothing prevents Intel from adding a backdoor in the CPU, which of course you would not detect by "testing" the documented features. Hardware trust is a very complicated problem.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds