CONFIG_INTEL_TXT

Eric Paris eparis at redhat.com
Fri Oct 23 17:51:36 UTC 2009


On Fri, 2009-10-23 at 18:34 +0100, Christopher Brown wrote:
> 2009/10/23 Arjan van de Ven <arjan at infradead.org>:
> > On Thu, 22 Oct 2009 18:39:53 +0100
> > Jon Masters <jcm at redhat.com> wrote:
> >
> >> Don't forget to mention the more paranoid hand-waving about removing
> >> RAM chips at runtime with liquid nitrogen after going into suspend and
> >> hax0ring. I think there will be more upstream discussion anyway.
> >
> > I'm sorry but this argument makes no sense whatsoever.
> >
> > Claiming that a feature should not be enabled because someone is talking
> > about a mythical attack that is waaay outside the scope of what a
> > technology wants to protect is not solid reasoning, it's fear mongering
> > instead.
> 
> All the same, it was disappointing news to me to read that Intel are
> even pushing stuff that leverages binary blobs with no source code.
> There would be nothing to fear and no need for fear mongering if it
> was an open blob. It would make the whole argument moot.

No, Arjan is right.  Jon is talking about wildly unrelated system attack
vectors which are in no way related to TXT or to the binary blob.  Jon
was out of line seemingly trying to scare people away from this
technology for wholly illogical reasons.  It's like we're talking about
putting a lock on the window and Jon's talking about cutting through the
walls.  It's just not useful.  Open or closed blob is irrelevant and
does not influence the situation to his fear mongering line of attack.

Please, however, continue to be disappointed that Intel is pushing a
closed source blob.  That is a productive train of thought   :)

-Eric



