Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Looking at Alternatives to Palladium

Posted by CowboyNeal on from the trust-and-distrust dept.

An anonymous reader writes "Some folks at Stanford have been looking at an alternative architecture for doing trusted computing (ala Palladium) based on using Virtual Machines. They presented a brief paper describing their work a couple weeks ago at the USENIX Workshop on Hot Topics in Operating Systems . In their paper they also discuss a bunch of non-DRM applications of Trusted Computing such as distributed firewalls, improving P2P security, preventing DDOS, and even strengthening civil liberty protections."

2 of 221 comments (clear)

  1. Re:Faking out Palladium? by Ungrounded+Lightning · · Score: 0, Redundant

    A program doesn't necessarily know where it lives, but it is possible to tell if it's talking to a black box that's been signed by Intel's private key

    Not if you emulate the black box, signature and all.

    It's one thing to sign something, another to have a local device that can sign with a hidden key that can't be extracted. You need the latter - an unemulatable-because-you-can't-see-its-guts box - to be robust against spoofing the software via an emulation platform.

    The main way to detect emulation is response time checking. But that won't work to detect if YOU'RE running on an emulation platform, because the emulation platform can also spoof your idea of time.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
  2. trusted solaris by Spellbinder · · Score: 0, Redundant

    i think trusted solaris is interesting

    --


    stop supporting microsoft with pirating their software!!!!!