On Tue, 2011-08-23 at 06:19 -0700, Li, David wrote:
> My threat model has to assume an attacker can gain physical access to
> the motherboard and reflash the BIOS. That's why I worry about using
> TPM to ensure a trusted boot.
So, on the one hand, you are correct - the TCG considered physical
attack to be out of scope. But if you are including that in your threat
model, you already need to take further security measures to prevent
direct physical tampering with the box in general, not just with respect
to the BIOS or the TPM. Right? And I would expect that the same
solution that you apply to address that threat in general should also
assist in protecting the BIOS flash chip and the TPM from direct
physical access, or resetting the TPM in the event of such access.
> I am aware of TXT (not in a detailed way). But what's STM? Any
STM is SMI transfer monitor. A hypervisor for SMM that acts as a peer
to the main hypervisor. It can then protect the main hypervisor from
direct manipulation by the SMI handlers.
National Security Agency