Hello,
 
regarding the original posters mention of trusted graphics and input paths: Does anyone know what the status on this is? I know this is separate technology from TXT but certainly it is part of trusted computing. Back in 2003 when especially Microsoft talked a lot about trusted computing, they envisaged end-to-end encryption to/from the keyboard and the possibility for creating trusted windows on the display that could not be grapped or overwritten by non-trusted programs (and that could be recognized by the user by some to be defined mechanism, like the one Mike suggested). I even read that ATI and Nvidia were on board on the graphics part. I haven't heard anything about this since and the relevant discussion forums on the trusted computing groups seem to be closed. So do any of you have more recent info on whether these techs are being/have been standardized somewhere?
 
Thanks,
 
Martin Thiim
 
On 7/15/08, Cihula, Joseph <joseph.cihula@intel.com> wrote:
I should have also mentioned that all '08 (and forward) vPro and cPro
systems will support TXT and that the DQ35JO motherboard is used in
various ODMs' systems.

Joe

-----Original Message-----
From: Cihula, Joseph
Sent: Monday, July 14, 2008 4:33 PM
To: 'Hal Finney'; Mike Hearn
Cc: tboot-devel@lists.sourceforge.net
Subject: RE: [tboot-devel] Buying a machine that will actually work with
TXT

I can't specifically recommend any systems, but I can add that the
Intle(R) DQ35JO motherboard also supports TXT.

And as Hal pointed out, the first mobile system will be available
shortly (I can't comment on production dates, but the one in my office
works with TXT just fine).

Shortly we will be adding Linux support to tboot (i.e. to boot a Linux
kernel) and posting the corresponding patches for Linux to LKML.

Joe

-----Original Message-----
From: tboot-devel-bounces@lists.sourceforge.net
[mailto:tboot-devel-bounces@lists.sourceforge.net] On Behalf Of Hal
Finney
Sent: Monday, July 14, 2008 3:12 PM
To: Mike Hearn
Cc: tboot-devel@lists.sourceforge.net
Subject: Re: [tboot-devel] Buying a machine that will actually work with
TXT

Hi Mike - Boy, you'd think this would be easy to find out, wouldn't
you? I just wasted (more optimistically, spent or even invested!) an
hour trying to see what current chips, chipsets and systems support
TXT. It certainly doesn't help that Intel chose such a widely used 3
letter acronym.

It doesn't look to me like any laptops yet support TXT. This file:
http://download.intel.com/products/roadmap/roadmap.pdf on page 5
indicates that the first mobile platform with TXT is the one Intel
code-names Montevina, using processors code-named Penryn and a chipset
code-named Cantiga, and that this should be coming out in Q2 08.
Unfortunately, the mapping of these codenames to actual products seems
to be a tightly held Intel secret - at least, I couldn't find it.
However, Wikipedia has some useful information on the Montevina
platform:
http://en.wikipedia.org/wiki/Centrino#Montevina_platform_.282008.29
says,

"The code-name Montevina refers to the fifth-generation Centrino
platform, now formally named Centrino 2 to avoid confusion with
previous Centrino platforms. It was scheduled for release at Computex
Taipei 2008, which took place on June 3 - 7, 2008,[6] but has been
delayed until July 14, due to problems with integrated graphics and
wireless certification."

July 14 happens to be today, so your question is in a way quite
timely. And this tells us that what you want to look for would be
Centrino 2. However it will probably be a while before systems are
available with that architecture. And whether they will actually
support TXT is unknown.

When Trusted Execution was announced, 3 models of computers were
identified as supporting it: The HP Compaq dc7800, Dell OptiPlex 755
PC, and the Lenovo ThinkCentre M57p. I don't know of any others that
have been added to that list since then.

As far as the use of Tboot, it seems to be primarily oriented around
launching the Xen virtual machine monitor, making it a measured VMM or
MVMM. Xen can then launch Linux or certain other OS's, perhaps even
measuring them as well.

Personally I prefer the direction of Jonathan McCune's "Flicker"
project, http://sparrow.ece.cmu.edu/group/flicker.html - it similar to
what you describe, launching from within a running OS self-contained
applets (which I think he should call, flicklets) that run for a brief
moment in a measured, protected mode, perform some sensitive
calculation and then return to the conventional OS. I was working on a
similar idea but he is quite a bit further along with it, and last I
heard it was already working with AMD's skinit and almost there with
Intel TXT.

Hal Finney





On Sun, Jul 13, 2008 at 2:27 PM, Mike Hearn <mike@plan99.net> wrote:
> Hiya,
>
> I'm interested in playing with LaGrande/TXT. I've read the book,
although
> it's sort of confusing and probably out of date now. It seems clear to
me
> that from a users perspective, messing around with the low level
GETSEC
> instructions is the wrong way to go - I need drivers. Tboot appears to
be
> that project.
>
> From reading the archives though it seems that the hardware still
isn't
> quite solid yet. Comments like "you are lucky" to somebody who
actually got
> it to (sort of) work aren't reassuring :)
>
> Does anybody know of a decently priced laptop that implements a known
to
> work LaGrande setup? Including the protected graphics/keyboard
channels?
>
> Also, does anybody have some example code of launching an app[let]
into a
> protected domain?
>
> How far is there left to go, really?
>
> Thanks!
> -mike
>
>
------------------------------------------------------------------------
-
> Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
> Studies have shown that voting for your favorite open source project,
> along with a healthy diet, reduces your potential for chronic lameness
> and boredom. Vote Now at http://www.sourceforge.net/community/cca08
> _______________________________________________
> tboot-devel mailing list
> tboot-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tboot-devel
>
>

------------------------------------------------------------------------
-
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel