TPM and Windows Vista TPM Services

Discussion in 'Computer Security' started by Matty, Dec 29, 2006.

  1. Matty

    Matty Guest

    Hi there all, I am working on a document on Windows Vista TPM Services,
    and I have several questions I'm hoping someone can answer as well as
    several thoughts I'd like some feedback on. Feel free to address any
    combination of my comments/points, but I ask that you please try to be
    informative and thoughtful in your reply; I'd like to really learn
    something after all ;-)

    1) Is the Endorsement Key used to create the hashes of integrity
    monitoring/reporting metrics? If not, what key is used?

    2) The TBB of a trusted platform is the TPM and the CRTM. The CRTM is
    either a portion of or the entire BIOS code. Both of these components
    must be trusted, and updates must be controlled. However, currently
    3rd party BIOSes are prevalent, and anyone can update them. If this
    situation does not change then basically 1 of the 2 components of the
    TBB cannot really be trusted. How can we really ever have a trusted
    computing platform if one of the 2 TBBs can be compromised? Perhaps
    this issue is being addressed when I read the phrase "TPM-compliant
    BIOS."


    3) A trusted computing platform using a 1.2 TPM, and Windows Vista can
    enable Secure Startup and BitLocker drive encryption to secure data
    cryptographically. If the drive from this trusted computing platform
    is stolen and placed into another system running another operating
    system then what is the attacker missing in order to access the data?
    The same thing they were missing before the trusted computing platform
    was around: the encryption key. Therefore, doesn't the attacker
    still have the same methods of brute force attack at their disposal for
    cracking the encryption of the volume? How does the TPM make this
    different once the drive has been removed from the system?


    4) I am trying to write scripts to perform basic TPM management tasks.
    Microsoft has some documentation on the Win32_Tpm class which is
    supposed to be used for this sort of thing, but I have not had any
    success getting scripts to work on my Windows Vista 32-bit or 64-bit
    installations. In the end I simply tried to search for the Win32_Tpm,
    and could not even find it. The method for searching for the class was
    to use the script below, and then pipe it to | findstr /I "Win32_Tpm".


    =======================================
    ' Enumerate every WMI class registered directly under the chosen namespace.
    ' Note: SubClassesOf() lists the classes of this one namespace only; it does
    ' not descend into child namespaces such as root\cimv2\Security\MicrosoftTpm,
    ' which is where the TPM provider registers Win32_Tpm.
    strComputer = "."
    strNamespace = "\root"

    ' Connect to the WMI service on the target machine (the line continuation
    ' character "_" keeps this a single statement in VBScript).
    Set objSWbemServices = GetObject("winmgmts:\\" & strComputer & _
        strNamespace)

    ' Print the full path of each class so the output can be piped to findstr.
    Set colClasses = objSWbemServices.SubClassesOf()
    For Each objClass in colClasses
        Wscript.Echo objClass.Path_.Path
    Next
    =======================================


    I have some more questions floating around somewhere, but this is a
    good start.


    Thanks in advance for your replies.


    Matt
     
    Matty, Dec 29, 2006
    #1
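The script in the post only lists classes that live directly under `root`, and WMI class enumeration never descends into child namespaces, so `findstr` had nothing to match: the TPM provider registers `Win32_Tpm` in the `root\cimv2\Security\MicrosoftTpm` namespace, and the class is only accessible from an elevated session. The following PowerShell is an added example, not code from the post or from Microsoft: it walks the namespace tree (via the `__NAMESPACE` system class) to locate a class by name, then queries `Win32_Tpm` directly for the basic state a management script usually needs. The function names `Find-WmiClass` and `Get-TpmStatus` are my own; it assumes Windows PowerShell with `Get-WmiObject` available and a TPM provider installed (Vista or later).

```powershell
# Added example (not from the original post). Assumes an elevated Windows
# PowerShell session on a machine with the TPM WMI provider (Vista or later).

function Find-WmiClass {
    # Recursively search a namespace and all of its children for a class name.
    param(
        [Parameter(Mandatory = $true)] [string] $ClassName,
        [string] $Namespace = 'root',
        [string] $Computer  = '.'
    )
    $found = @()

    # -List returns the classes of this ONE namespace only (same limit as
    # SubClassesOf() in VBScript), so we have to recurse ourselves.
    try {
        $hit = Get-WmiObject -ComputerName $Computer -Namespace $Namespace -List -ErrorAction Stop |
               Where-Object { $_.Name -eq $ClassName }
        if ($hit) { $found += "$Namespace`:$ClassName" }
    } catch {
        # Some namespaces deny access to non-admin callers; skip them quietly.
    }

    # __NAMESPACE instances are the child namespaces of the current one.
    try {
        $children = Get-WmiObject -ComputerName $Computer -Namespace $Namespace -Class __NAMESPACE -ErrorAction Stop
        foreach ($child in $children) {
            $found += Find-WmiClass -ClassName $ClassName -Namespace "$Namespace\$($child.Name)" -Computer $Computer
        }
    } catch { }

    return $found
}

function Get-TpmStatus {
    # Query Win32_Tpm in the namespace where the TPM provider registers it.
    param([string] $Computer = '.')
    $tpm = Get-WmiObject -ComputerName $Computer `
                         -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                         -Class Win32_Tpm
    if (-not $tpm) {
        # No TPM, provider missing, or the session is not elevated.
        return $null
    }
    # The Is* methods return an object whose property of the same name holds
    # the boolean result; ReturnValue is the HRESULT of the call.
    New-Object PSObject -Property @{
        SpecVersion    = $tpm.SpecVersion
        ManufacturerId = $tpm.ManufacturerId
        IsEnabled      = $tpm.IsEnabled().IsEnabled
        IsActivated    = $tpm.IsActivated().IsActivated
        IsOwned        = $tpm.IsOwned().IsOwned
    }
}

# Usage: locate the class, then read the TPM's state.
Find-WmiClass -ClassName 'Win32_Tpm'   # on a TPM-equipped host this lists
                                        # root\cimv2\Security\MicrosoftTpm:Win32_Tpm
Get-TpmStatus | Format-List
```

`New-Object PSObject` rather than `[pscustomobject]` keeps the script usable on the PowerShell versions that shipped alongside Vista; on current systems the same queries can be made with `Get-CimInstance` and `Invoke-CimMethod` against the same namespace. If `Get-TpmStatus` returns nothing, check that the session is elevated before concluding that the machine has no TPM.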