Or perhaps all the 1337 h4x0rz will just do what they already do, sniff the traffic, steal some ID's and used them. Why does it matter if this is a TPM or your username and password?
SSL is pretty secure method for doing web-transactions. It's not perfect, but a TPM isn't going to make things any better. You can still hack around SSL if know how to use google effectively for research.
Once you know the method for how the server shakes hands with the TPM you can usually spoof it. Not to mention this would be a publicly available process so that all the webmonkeys of the world would know how to build a "secure" site with it. Even if it wasn't readily available to the public, it'd still be like trying to movie or software piracy. Where there's a will there's a way.
Slashdot Mirror
Find all the old 8-tracks and 8-track players you can get your hands on. It's going to be the storage solution for the 21st century!
Is there a HowTo/mod to make a toaster into a linux powered 8-track writer yet? That'd be hawt!
Or perhaps all the 1337 h4x0rz will just do what they already do, sniff the traffic, steal some ID's and used them. Why does it matter if this is a TPM or your username and password?
r eshold=1&commentsort=0&tid=95&mode=thread&cid=1426 1329
SSL is pretty secure method for doing web-transactions. It's not perfect, but a TPM isn't going to make things any better. You can still hack around SSL if know how to use google effectively for research.
Once you know the method for how the server shakes hands with the TPM you can usually spoof it. Not to mention this would be a publicly available process so that all the webmonkeys of the world would know how to build a "secure" site with it. Even if it wasn't readily available to the public, it'd still be like trying to movie or software piracy. Where there's a will there's a way.
And what this guy said too :
http://yro.slashdot.org/comments.pl?sid=171227&th