[Arm-netbook] extraordinary claims ...
Derek LaHousse
dlahouss at mtu.edu
Sun Jul 8 17:01:46 BST 2012
On Sat, 2012-07-07 at 11:07 -0700, freebirds at fastmail.fm wrote:
> Thank you Luke Leighton for your open mindedness, support and interest
> in ARM security. I thank the other members for withholding judgment. Of
> the few members who expressed criticism, try to make it constructive
> criticism like Gordon Bobic's advice on hardening which I will follow.
>
> Since Luke Leighton expressed an interest in security, I will inform you
> that TrustZone, which has morphed into Trusted Execution Environment (TEE),
> will be morphing into Mobicore. The description of Mobicore is REMOTELY
> manageable TEE. ARM is taking after Intel who morphed TPM into TXT
> (Trusted Execution Technology).
Mobicore is a "secure" OS that runs in the TrustZone world. There's a
set of APIs by which a normal OS/program can make a "trustcall" (like
system call or hyper-call) to use some service of the Mobicore. Like a
hypervisor rootkit, there could be a trustzone rootkit, but it has to be
put on the machine in a different way.
You argue against TXT and TPM. A TPM is a smartcard, soldered to a
motherboard. TXT is a way of computing the state of running software,
which then allows the TPM to use its private keys. This is not an
attack vector, it is to lock people out of that private key. I,
personally, WANT a TPM and the control over it, to help me control MY
systems.
So, TXT is not a threat to what you're describing, and TrustZone is more
like Hardware Virtualization in your concerns.
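As an added illustration of the point above (measured software state gates use of a TPM-held key), here is a small Python model of PCR extend and sealing; it is not code from this thread, and the "simulated-srk" key derivation stands in for the TPM's internal storage key, which is an assumption of the model.

```python
import hashlib
import hmac

# Constructed sample boot chain (not from the thread): each stage is measured
# into the PCR before it runs, so the final PCR value summarises the whole chain.
GOOD_CHAIN = [b"firmware v1", b"bootloader v1", b"kernel v1"]
TAMPERED_CHAIN = [b"firmware v1", b"bootloader v1", b"kernel v1 (modified)"]
SECRET = b"disk-unlock-key!"  # constructed 16-byte secret to seal


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new = H(old || H(measurement)). Order-dependent and
    not resettable by software, which is what makes the final value meaningful."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_chain(chain) -> bytes:
    pcr = bytes(32)  # PCRs start at all zeros after a platform reset
    for stage in chain:
        pcr = pcr_extend(pcr, stage)
    return pcr


def _policy_key(pcr: bytes) -> bytes:
    # Assumption of this model: a real TPM checks PCRs itself and never exports
    # the storage key; here a key derived from the expected PCR plays that role.
    return hashlib.sha256(b"simulated-srk" + pcr).digest()


def seal(secret: bytes, expected_pcr: bytes) -> dict:
    """Bind a secret (up to 32 bytes) to one PCR value."""
    key = _policy_key(expected_pcr)
    stream = hashlib.sha256(key).digest()
    ct = bytes(a ^ b for a, b in zip(secret, stream))
    mac = hmac.new(key, ct, hashlib.sha256).digest()
    return {"ct": ct, "mac": mac}


def unseal(blob: dict, current_pcr: bytes):
    """Return the secret only if the current PCR matches the one sealed against."""
    key = _policy_key(current_pcr)
    if not hmac.compare_digest(hmac.new(key, blob["ct"], hashlib.sha256).digest(), blob["mac"]):
        return None  # different software state: key use is refused
    stream = hashlib.sha256(key).digest()
    return bytes(a ^ b for a, b in zip(blob["ct"], stream))


if __name__ == "__main__":
    blob = seal(SECRET, measure_chain(GOOD_CHAIN))
    print("good chain  :", unseal(blob, measure_chain(GOOD_CHAIN)))
    print("tampered    :", unseal(blob, measure_chain(TAMPERED_CHAIN)))
```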