[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: .....

> Intel plans to include security features in upcoming chipsets, including copy
> protection, certificate management, and -- get this -- random number
> generation. This will be implemented in firmware, and, given that it is
> supposed to perform copy protection functions, there is a significant
> possibility that the code would be inaccessible, maybe (heaven forbid) within a
> tamper-resistant shell.

To clarify exactly why this is a problem: although it obviously won't affect
the security of existing apps, it's likely that many newer apps will be
dependent on this possibly-secret firmware for security, and we all know the
evils of depending on a design not subject to intense public scrutiny. Worse
yet, it seems possible that a certificate-based system could be used to ensure
that neither non-Intel chips nor software fill-ins would be accepted by
applications using the firmware.

And, of course, except for what was mentioned in the TechWeb article itself,
this is all conjecture based almost entirely on Murphy's Law.