trusted computing SIG formation
Bill Nottingham
notting at redhat.com
Mon Feb 14 18:58:36 UTC 2011
Joerg Simon (jsimon at fedoraproject.org) said:
> i understand that better/more change control is important for Systems
> that compute important/trusted Data and i love to learn more about it
> and how it can help to make FOSS Operating-Systems more secure, do you
> see if this can improve also the Fedora-Security-Lab[1],[2]? If yes,
> just contact me.
My understanding of the Security Lab spin is that it tends to be
analysis and forensic tools, often booted from live media to avoid
disturbing the system in question.
However, booting from external media is anathema to the idea of trusted
boot, where the entire idea is that there's a chain of measured trust
from the BIOS to the bootloader to the OS, unless you're pre-seeding
the BIOS/bootloader with the hash/signature/etc. of the Security Spin.
Bill
More information about the advisory-board
mailing list