TPM and Windows Vista TPM Services
Hi there all, I am working on a document on Windows Vista TPM Services,
and I have several questions I'm hoping someone can answer as well as
several thoughts I'd like some feedback on. Feel free to address any
combination of my comments/points, but I ask that you please try to be
informative and thoughtful in your reply; I'd like to really learn
something after all ;-)
1) Is the Endorsement Key used to create the hashes of integrity
monitoring/reporting metrics? If not, what key is used?
2) The TBB of a trusted platform is the TPM and the CRTM. The CRTM is
either a portion of or the entire BIOS code. Both of these components
must be trusted, and updates must be controlled. However, currently
3rd party BIOSes are prevalent, and anyone can update them. If this
situation does not change then basically 1 of the 2 components of the
TBB cannot really be trusted. How can we really ever have a trusted
computing platform if one of the 2 TBBs can be compromised? Perhaps
this issue is being addressed when I read the phrase "TPM-compliant
3) A trusted computing platform using a 1.2 TPM, and Windows Vista can
enable Secure Startup and BitLocker drive encryption to secure data
cryptographically. If the drive from this trusted computing platform
is stolen and placed into another system running another operating
system then what is the attacker missing in order to access the data?
The same thing they were missing before the trusted computing platform
was around: the encryption key. Therefore, doesn't the attacker
still have the same methods of brute force attack at their disposal for
cracking the encryption of the volume? How does the TPM make this
different once the drive has been removed from the system?
4) I am trying to write scripts to perform basic TPM management tasks.
Microsoft has some documentation on the Win32_Tpm class which is
supposed to be used for this sort of thing, but I have not had any
success getting scripts to work on my Windows Vista 32-bit or 64-bit
installations. In the end I simply tried to search for the Win32_Tpm,
and could not even find it. The method for searching for the class was
to use the script below, and then pipe it to | findstr /I "Win32_Tpm".
strComputer = "."
strNamespace = "\root"
' Connect to the WMI namespace on the local machine
Set objSWbemServices = GetObject("winmgmts:\\" & strComputer & strNamespace)
' SubClassesOf() with no argument lists every class in the connected namespace
' (it does not descend into child namespaces)
Set colClasses = objSWbemServices.SubClassesOf()
For Each objClass in colClasses
    Wscript.Echo objClass.Path_.Class
Next
I have some more questions floating around somewhere, but this is a
Thanks in advance for your replies.
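For anyone following this thread, here is an added example (not from the original post or from Microsoft's documentation) that locates the Win32_Tpm class and reports the basic TPM state. It assumes a Vista-era PowerShell with WMI access, an administrative session, and that the class is hosted in the root\CIMV2\Security\MicrosoftTpm namespace rather than directly under root, which is why an enumeration of root alone will not list it (SubClassesOf does not walk child namespaces). The IsEnabled, IsActivated and IsOwned calls are WMI methods on the class whose result objects carry the boolean of the same name.

```powershell
# Added example, not part of the original post.
# Assumes: administrative PowerShell session with WMI access; Win32_Tpm lives in
# root\CIMV2\Security\MicrosoftTpm (assumption stated in the lead-in).
$ns = 'root\CIMV2\Security\MicrosoftTpm'

# Step 1: confirm the class is visible in that namespace before using it.
$found = Get-WmiObject -Namespace $ns -List | Where-Object { $_.Name -eq 'Win32_Tpm' }
if (-not $found) {
    Write-Host "Win32_Tpm is not present in $ns (no TPM, or the TPM is hidden/disabled in the BIOS)."
    return
}

# Step 2: retrieve the single Win32_Tpm instance. An empty result usually means
# the TPM is disabled in firmware even though the provider is installed.
$tpm = Get-WmiObject -Namespace $ns -Class Win32_Tpm
if (-not $tpm) {
    Write-Host "Win32_Tpm class exists but returned no instance; check the TPM setting in the BIOS."
    return
}

# Step 3: each state query is a method call; the boolean sits on the returned object.
$enabled   = $tpm.IsEnabled().IsEnabled
$activated = $tpm.IsActivated().IsActivated
$owned     = $tpm.IsOwned().IsOwned

# Step 4: print a compact report. All three must be true before BitLocker can
# seal its volume master key to the TPM.
"{0,-14} {1}" -f 'SpecVersion:',  $tpm.SpecVersion
"{0,-14} {1}" -f 'Manufacturer:', $tpm.ManufacturerId
"{0,-14} {1}" -f 'Enabled:',      $enabled
"{0,-14} {1}" -f 'Activated:',    $activated
"{0,-14} {1}" -f 'Owned:',        $owned
if ($enabled -and $activated -and $owned) {
    "TPM is ready for use by BitLocker."
} else {
    "TPM is not fully provisioned; enable/activate it in the BIOS and take ownership from the TPM management console."
}
```

The same namespace can be handed to the VBScript in the post (set strNamespace to "\root\CIMV2\Security\MicrosoftTpm") to make the findstr search succeed; the script itself was fine, it was simply looking one namespace level too high.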