I know what TPM is, but what does it do by itself?
-
I know what TPM is, but what does it do by itself?
Trusted Platform Module - Wikipedia, the free encyclopedia
If i have a mobo with onboard TPM, and i activate/initialize it, did anything change on the system? or does the TPM only work in conjunction with other softwares, such as bitlocker?
Once I initiate it, nothing changes on the computer, nothing is secure.
Also, if this is the case, how can I take advantage of the TPM sealing features? I would like to lock the system if anything changes on the hardware or software, ie malacious software installed, or a different video card installed. This is what sealing does, when there is a change in the platform measurements, but how do i do this? through bitlocker? are there any other programs that can work in conjunction with the TPM module?
I have been reading about TPM and how to install it, but everything is so vague so i hope to get some input or real world examples here.
any input is greatly appreciated,
thanks.
-
-
-
Dwarf,
Yes I understand that bitlocker can either be used with a USB password key, or a password that gets generated with the TPM for additional security, but it is not needed for bit locker to work. In this case, TPM is not doing anything except using its 1024 RSA key generation to create a password for Bitlocker. It is doing nothing else in the system except this.
TPM was not created soley for Bitlocker, it does other stuff, that other stuff is what i'm trying to figure out. It can also be used with linux.
I'm just want to find someone that has a thorough understanding of the trusted computing module.
-
-
TPM by itself does nothing. You need some sort of software to use it, like Bitlocker (for windows) and Trousers (for linux). Standalone however, I don't think it does anything.
-
ok cool thats what i thought.
I know that they have trueCrypt which is a bitlocker equivelent for linux, but it doesnt utilize the TPM module.
Does anyone know of a linux version of bitlocker that uses the TPM?
i am really most interested in the sealing feature, so that if malicious code is put on your computer, it won't let you look at encrypted part of the files since there was a hardware/software change after you did the encryption.
-
It depends, what version of linux you are running though. There's a package for Debian/Ubuntu versions. I'm not sure about the others though. This might prove useful though,
Last edited by Brink; 03 Sep 2011 at 15:57.
Reason: suspicious link removed
-
-
I Think TPM alone does nothing but with supported software it offers hardware encryption/decryption so you dont need to load it on cpu.