New class added: Introduction to Trusted Computing
There’s a lot of misinformation out there about what trusted computing is and isn’t. This is due to the trusted computing folks stupidly getting in bed with the DRM folks in the very early days. Since then, DRM has been shown to be a more or less pointless endeavor, but we’ve still got the Trusted Platform Module (TPM), Intel’s Trusted Execution Technology (TXT), and other Trusted Computing mechanisms sitting around waiting for computer security engineers to put them to good use. Indeed, as far back as 2006 people like Bruce Potter were saying “Hey, these are interesting little chips, hackers should find ways to do cool things with them!”
With that in mind, we’re happy to now present a class by Ariel Segall, who has been working with TPMs on “attestation” protocols for many years. Attestation is just a fancy word for one party proving something to another: say, software on an enterprise laptop proving something to the enterprise network access control (NAC), which wants to make sure you’re patched up before getting on the network. And the key point is that, unlike a lot of protocols these days where an attacker can trivially forge whatever value is convenient to him, when you add TPMs into the mix forgery gets much harder, and you can have much more trust that The Right Thing is happening on the machine.
There’s a reason why people like Microsoft have started to embrace TPMs for trusted boot on Windows 8: without them, they can’t do a good job of even getting the system booted up without malware having every opportunity to subvert the system right from the get-go (see the Rootkits class for more information about bootkits). So going forward, security professionals really owe it to themselves to learn about what trusted computing can and can’t do, instead of continuing to treat TPMs like evil voodoo DRM boxes. And a reasoned dive into the technology is exactly what this class will give you.
Note: the video for this class is currently being edited for public release and the first day will hopefully be available very soon.
So head on over to the class page here:
http://OpenSecurityTraining.info/IntroToTrustedComputing.html
Friday, October 26, 2012