In comp.os.linux.development.system Rainer Weikusat <rweikusat@mssgmbh.com> wrote:
| I have just yesterday been required to read through a long marketing
| text trying to sell TPM-based 'security solutions' (software) because
| it is (claimed to be) immune against reading keys still available from
| RAM. Assuming that it is, this is still complete bullshit, because the
| protected data itself needs to reside in RAM in decrypted form if it
| is supposed to be used by software for anything, so 'reading the
| decryption key' isn't even necessary to access the data.
Yes, the currently decrypted data is exposed. But at least it is limited
to just that data. With the key, the entire disk is exposed.
--
|---------------------------------------/----------------------------------|
| Phil Howard KA9WGN (ka9wgn.ham.org) / Do not send to the address below |
| first name lower case at ipal.net / spamtrap-2008-03-01-2128@ipal.net |
|------------------------------------/-------------------------------------|