Talk:Trusted Execution Technology

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computing (Rated Start-class)
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the project's quality scale.
 ???  This article has not yet received a rating on the project's importance scale.
 

Cleanup[edit]

The atricle's comma placement and syntax seems a bit off to me. I'd place a cleanup template, but haven't yet figured out how. Also, the vocabulary seems a bit advertish to me.

Orange & Viridian 09:35, 30 December 2005 (UTC)

i'm not a native english speaker . if you wish to correct my mystakes ,you're welcome. Dbiagioli 13:16, 30 December 2005 (UTC)DBiagioli

la grande main use[edit]

Where did you found the info that the TPM is designed to withstand physical attack ? and the packaging is designe to self-destruct ? could you provide a link please?Dbiagioli 07:17, 1 February 2007 (UTC)

POV[edit]

This phrase is extremely POV: "aimed at giving users, especially in the business segment, a way to defend themselves against software-based attacks aimed at stealing sensitive information".

This is the POV of DRM proponents. OTOH, my POV is that it is aimed at taking freedom away from users, rendering them incapable of defending themselves. Please make this phrase more neutral. For example, it could start with "Intel claims that it is aimed at....", and then followed by "OTOH, opponents of DRM think that...".

See: POV, Digital_restriction_management#Controversy.

done Dbiagioli 15:23, 21 May 2007 (UTC)

Robertmh 09:15, 21 May 2007 (UTC)

Clarifications[edit]

The article is, in my opinion, rather weak on the details of where TXT differs from existing security solutions. The TPM chip is obviously new and novel, but the article also makes mention of parts of the architecture where I cannot understand why ordinary virtual memory would not suffice, such as:

"The processor : With a private environment for applications, so that the hardware resources (such as memory pools) are locked to the calling applications and cannot be accessed whether for read or write by any other process running on the platform"
This sounds exactly like virtual memory.
"The chipset : Enforces security on the main board by controlling more accurately the memory management policy, enhancements to memory access mechanisms, channel control mechanisms for hardware extensions (user I/O, Graphics, etc.) and secure interface to the TPM"
Except for the secure interface to the TPM, this statement is very vague. How do these "enhancements to memory access mechanisms" differ from current bus access?
"The user Input : Protection states over keyboard, and mouse, allowing users to interact with trusted platform applications, without the risk of being compromised, neither observed by other running software"
Other running software cannot normally observe keyboard or mouse input unless directed to them as is on current operating systems, and even if they can, that sounds like a problem to be solved in software, rather than in hardware to me.
"The Display Interface : This feature enables trusted platform applications to send display data to specific context (a window for example) memory buffer, preventing running software from stealing the being-transmitted information"
Same thing here; even if other programs can access other programs' window contents, that still sounds like a system software problem rather than a hardware problem to me.

It would be great if someone knowledgeable could clarify these issues. Dolda2000 (talk) 14:19, 27 July 2008 (UTC)

Response: You are right that some existing features in CPU's (and software) are related to protection against these attacks. However, this technology is quite different. With TXT the goal is to be able to bootstrap the computer from an untrusted environment into a provable trusted environment (as asserted by TPM chip) trusted environment. Essentially, there's a CPU instruction "SENTER" that a (priviledged) program running in untrusted mode can execute and tell the hardware "Ok, I want this and this code to run and access this and this memory etc. - give this control the full control". SENTER that carries out the task of transferring the control in a secure way. Furthermore, using special bus cycles, it then communicates to the TPM that the control of the computer is now in the hands of the program with a specified hash value (and informs it when control is tranferred back). This enables the TPM to make signed statements about what software is running on the computer. As for the display interface, then it is in a sense a software problem, but the problem is that the existing software stack is too big to be trusted. Instead, some hardware help is introduced to permit the bootstrapped trusted program to interoperate with the untrusted driver drivers, so it can get a trusted area of the screen (e.g. a window) which is inaccessible and unalterable by untrusted software, even the display driver. AFAIK this hardware is not present in the hardware on the market or is at least not documented. —Preceding unsigned comment added by 212.242.202.140 (talk) 14:08, 14 February 2009 (UTC)

Vague ?[edit]

This article is remarkably vague on what exactly Intel TXT actually is. Instead, it reads like a list of marketing features, without any implementation details. TXT is advertised as a CPU feature, yet there's no mention of where the CPU with TXT support fits into this. — Preceding unsigned comment added by 75.101.82.47 (talk) 21:19, 16 January 2013 (UTC)