Controversial Security Paper Nixed From Black Hat

coondoggie writes us with a link to the Network World site, as he tends to do. Today he offers an article discussing the cancellation of a presentation which would have undermined chip-based security on PCs. Scheduled during the Black Hat USA 2007 event, the event's briefing promised to break the Trusted Computing Group's module, as well as Vista's Bitlocker. Live demos were to be included. The presenters pulled the event, and have no interest in discussing the subject any more. "[Presenters Nitin and Vipin Kumar's] promised exploit would be a chink in the armor of hardware-based system integrity that [trusted platform module] (TPM) is designed to ensure. TPM is also a key component of Trusted Computing Group's architecture for network access control (NAC). TPM would create a unique value or hash of all the steps of a computer's boot sequence that would represent the particular state of that machine, according to Steve Hanna, co-chair of TCG's NAC effort."

Re:How could a presentation "undermine" security?

[quentin_quayle]

benhocking "If the chip is secure, then no mere presentation can undermine its security. If it's not secure, then there's no security to undermine."

The TPM is designed to prevent the hardware owner from having access to at least one of the digital keys within it, and thereby to prevent the hardware owner from having control over software running in the "trusted", walled-off mode. It is therefore a DRM chip, not a "security" chip.

"Secure" in the sense you are using is from the key-holders' point of view, like the U.S. bases being "secure" against the rightful owners of the land who want to evict the occupiers.

It would be more correct to characterize the presentation as one which would help to restore security for the hardware owner whose device would otherwise be compromised by the euphemistically named "trusted computing" intrusions.