TPM Case study
True or False - Biometric, PIN, Password multifactor boot and screensaver authentication is a necessity for TPMs to protect the pc/data owner.
See the following scenario:
Assume I just purchased a TPM equipped pc then load Wave ETS 4.3/5.0. Therefore, I have enabled and taken ownership of the TPM. I set up all my banking, ecommerce, corporate LAN/VPN user ids and passwords with Personal Information Manager for seamless sign on by them stored in the TPM's non volatile memory.
An associates pc bombs so he comes to use mine while I am away from my desk. He has lesser corporate data privileges than me and certainly none to my bank accounts. He boots my pc and PIM/TPM automatically sign him on locally to the pc and to the corporate LAN as me permitting hin to access data he should not be. He then opens IE and sees I recently browsed Bank of America and TD Waterhouse so he goes there and is automatically signed in as me viewing and stealing my life savings. It could be the janitor, or the thief that stole my laptop in a airport or mall. He will be fired, jailed, IF CAUGHT.
What prevents others from assuming a TPM device owners identity? Is is the same Win XP/2000 local pc or network domain user id and passwords as today except the are saved in the TPM?
Certainly Wave ETS ot the pc owner will not allow a TPM enabled pc to automatically log on to local pc.
AI
