On 05/30/14 16:02, Mihail Ivanov wrote:
> Hello, I feel honored to get a direct response from the founder of Qubes
> herself :)
> As uneducated as I might be I'd mostly post questions:
> You're saying TXT offers DRTM, but AMD has an equivalent technology,
> shouldn't it be possible to use DRTM with AMD?
It should be possible, but AFAIK tboot that we use in AEM happens to
support only Intel TXT (which is not surprising given that it's an
Intel's sponsored project)
> Is AMD's variant as insecure as TXT?(btw the mainboard I am talking about
> has a TPM header but the TPM chip costs a lot).
I've never had a chance to play with the AMD technology. Probably
because in the times when we've been doing all our epic Trusted
Computing offensive research Intel had 99% of laptops market. Not sure
if anything changed recently?
> You're saying using AEM with SRTM will not be able to check /boot(or I am
> misunderstanding something)?
Yes, because in Qubes R2 we use GRUB2 which has no support for SRTM. In
AEM v1.x on Qubes R1 we used Trusted Boot, which implemented SRTM (i.e.
was able to extend the trust chain initiated by the BIOS by extending
PCRs with hashes of each of the code that it was about to execute).
Unfortunately Trusted Grub has become a dead project and for reasons
which I don't recall ATM we couldn't use it after we upgraded to newer
distro in Dom0.
> But then it can only check the BIOS, correct?(based on the PCRs).
Most today BIOSes should implement SRTM[*], so you should be able to use
AEM to verify your system using the PCRs that are used by the BIOS to
hash the code it's executing (i.e. seal AEM secret to those PCRs only).
[*] Whether they do that correctly or not is a different questions ;)