**** BEGIN LOGGING AT Tue May 03 02:59:58 2011
May 03 05:39:22 <davistv> I hear people with little tiny computers are compensating for big.... hands.
May 03 13:39:50 <ecc> davistv: I use rsync to/from a shared NFS server.  Best to use the -n option first to make sure it won't do something catastrophic.
May 03 13:40:50 <davistv> ecc: Thanks for the advice, I'll give that a try.
May 03 13:41:37 <ecc> also, for small changes, s/NFS server/thumb drive/
May 03 18:00:47 <zooko> Does anyone know what consumer devices nowadays have ARM TrustZone?
May 03 18:05:39 <kerio> to avoid them?
May 03 18:06:52 <zooko> I'm exploring whether TrustZone can be used to protect users from attack by manufacturers.
May 03 18:09:43 <zooko> So it appears TrustZone is included in all Cortex-A* CPUs.
May 03 18:10:11 <kerio> wait, *by* manufacturers?
May 03 18:10:56 <zooko> Yeah.
May 03 18:10:58 <zooko> The question is
May 03 18:11:05 <zooko> So, I'm starting my own company.
May 03 18:11:07 <zooko> To sell things.
May 03 18:11:22 <zooko> And one thing I would eventually like to sell is freedom-preserving plugs.
May 03 18:12:01 <zooko> But there's a deep problem here: if I am designing, configuring, the device and software, then I could, if I were evil, or coerced, or make a mistake, insert a backdoor which would violate the user's safety.
May 03 18:12:36 <zooko> So the question is: is it possible for me to sell a consumer a cheap device which they can verify is free of backdoors that I might have inserted.
May 03 18:12:45 <kerio> nope
May 03 18:12:51 <zooko> Such a thing is theoretically possible, but could be very difficult practically.
May 03 18:13:01 <kerio> trusted computing just shifts the burden of trust from you to the CPU manufacturer
May 03 18:13:29 <zooko> Yep.
May 03 18:13:38 <zooko> I didn't ask for a device that they can verify *nobody* could have backdoored.
May 03 18:13:41 <zooko> Clearly that is an impossibility.
May 03 18:13:53 <zooko> I ask only that *I* can't backdoor it, and my customers can verify that.
May 03 18:14:01 <kerio> hmm
May 03 18:14:04 <zooko> By the way
May 03 18:14:10 <zooko> it doesn't *shift* the burden.
May 03 18:14:13 <kerio> cool idea
May 03 18:14:31 <kerio> and yeah, the possibility of a backdoor in the CPU was there to begin with :)
May 03 18:14:36 <zooko> It changes the set of people who could have backdoored it from: (hardware manufacturers of various components, me) to (hardware manufacturers of various components).
May 03 18:14:41 <zooko> That's a pure win in my book. :-)
May 03 18:15:02 <zooko> But more to the point it means that I am not a point of vulnerability, which is more important to *me* than other companies not being a point of vulnerability. :-)
May 03 18:19:12 <zooko> Whoops, almost out of laptop battery. Catch you later!
May 03 18:28:30 <kerio> hmm, the problem is that you're the one shipping the plugs
**** ENDING LOGGING AT Wed May 04 02:59:58 2011