
wavedreamer

07/20/11 11:05 PM

#212778 RE: dig space #212776

Hi dig,

An interesting article,


"UEFI and "secure boot"


Hardware-based secure boot mechanisms are clearly useful for some users. By determining that firmware, bootloaders, and operating systems are not compromised, these mechanisms can protect systems against rootkits and other low-level attacks. Typically, the way that is done is by cryptographically signing the binaries in question such that they can be verified before being run. But disallowing unsigned binaries from running has a potentially problematic side effect: booting free operating systems becomes difficult or, in the worst case, impossible. It all depends on who holds the signing keys.

The Linux kernel has the integrity measurement architecture (IMA) and the proposed extended verification module (EVM) which could be combined with system hardware—such as the Trusted Platform Module (TPM)—to provide a secure boot environment. There have been concerns about these mechanisms as they can be used for both good and ill: either preventing rootkits and other tampering or preventing users from running code of their choice on their hardware. The unified extensible firmware interface (UEFI) specification has recently added some features that could be used similarly, leading to many of the same concerns. But there is also an additional wrinkle for systems that use the GRUB 2 bootloader. ....etc.


http://lwn.net/Articles/447381/

lugan

07/21/11 12:17 AM

#212783 RE: dig space #212776

WAVE has been very interested in the Mobile space since at least 2006. Here is SS on the subject:

So Trusted Computing, we’ve only talked about the PC space. We touched a little bit on Seagate and the peripheral space. But the Trusted Computing Group standards organization encompasses all devices: peripherals, storage, PCs and mobile devices. There’s a very active mobile working group that has a couple dozen members, all the major telephone companies, and the goal is to put interoperable credentials on PCs and cell phones. So I can check my email from my Blackberry against my corporate server without having to own a Blackberry server. Because the device should have an open platform for credentials that the IT department manages, not the cellular operator manages. And so this is very well underway. The specifications will get published this spring. We expect to see first devices this fall.
(2/15/06, SRA, 2nd Annual Winter Technology Conference in San Francisco)