undefined | Better HN

0 pointsbrianpgordon11y ago0 comments

I'm not an expert on trusted computing, but I thought that TPMs can enforce secure boot and encrypt data that cannot be recovered if unauthorized software is running on the system. There are probably vulnerabilities in the implementation, but I thought that, in theory, it's airtight.

0 comments

2 comments · 1 top-level

teraflop11y ago· 1 in thread

In principle, yes, if you know that the TPM's private key hasn't been compromised. At a minimum, you would need some way to verify that it's actually a tamper-resistant hardware chip, and not a software emulation.

I don't see how a software agent bidding on VPS hosting services could possibly know that.

derefr11y ago

It could just pay humans to go verify that for it. See http://slatestarcodex.com/2015/04/07/no-physical-substrate-n..., or just think about the fact that services like Mechanical Turk and Magic exist.

j / k navigate · click thread line to collapse