Tying TPMs Throughout The Stack
One Line Summary
TPMs in Linux are poorly understood and poorly trusted; they sit there on the LPC bus, gathering dust. What can we do to tie this exceptionally useful security device into the underlying OS and make real steps towards better security?
Abstract
We’ve never made much use of TPMs in Linux. Poorly understood and poorly trusted, they sit there on the LPC bus, gathering dust. But what if we can use them to provide meaningful additional security to systems? What if we could use the TPM to protect us from rootkits, bootkits and modified firmware? What if the TPM could secure your SSH keys against theft, make your random numbers more random and inform you that someone backdoored your laptop when you left it in your hotel room?
All of this is possible today, but it’s not integrated and it’s beyond the ability of even the most skilled users. What can we do to tie this exceptionally useful security device into the underlying OS and make real steps towards better security?
Speaker
Matthew Garrett
CoreOS
- Blog: http://mjg59.dreamwidth.org/
- Twitter: mjg59
Biography
Matthew Garrett is a security developer at CoreOS, developing technologies to improve the security of containers and the systems that run them. He has a background in firmware integration, power management and fruit fly genetics, and so has atypical ideas about system complexity and the ease of reverse engineering. A board member at the Free Software Foundation and a member of the Linux Foundation Technical Advisory Board, he has strong feelings on high-quality Free Software.