On Mon, 07 May 2007 16:28:24 +0200, Alfred M. Szmidt wrote:
This example has nothing to do with TC or DRM. This is how just about any modern operating system works. I cannot update the kernel on this machine since I do not have the permission to do so because the kernel disallows me to do that task, but there is no need for a specially crippled chip for this task. So I still do not see the use of DRM/TC.
An attacker who has physical access to your machine can pull the disk and put his own kernel on it that will perform his own nefarious tasks. But if you made use of the TC module then I believe you can prevent him from being able to do this -- the system will simply refuse to load his modified kernel.
If *you* have the keys to the TC module then it becomes a very powerful tool for ensuring that your systems are not compromised while your back is turned. If someone else has the keys to the machine then obviously the machine belongs to them, and you are just a user (e.g., games consoles, some mobile phones).