On 05/07/2021 06:27, Patrick O'Callaghan wrote:
On Sun, 2021-07-04 at 10:33 -0700, Samuel Sieb wrote:
On 2021-07-04 9:08 a.m., Patrick O'Callaghan wrote:
On Sat, 2021-07-03 at 23:09 -0700, Samuel Sieb wrote:
My mobo is about 8 years old, so I don't have the hardware, however
QEMU/KVM apparently emulates it well enough to fool Windows.
Which as I said earlier, makes the whole thing ridiculous.
the hardware, if you use a VM, you can fool the OS.
Indeed, however as I understand it one supposed purpose of a TPM (among
others) is to be able to guarantee that the operating system running on
the machine has a solid trust base. Quoting from
https://en.wikipedia.org/wiki/Trusted_Platform_Module#TPM_implementations:
Software TPMs are software emulators of TPMs that run with no more
protection than a regular program gets within an operating system. They
depend entirely on the environment that they run in, so they provide no
more security than what can be provided by the normal execution
environment, and they are vulnerable to their own software bugs and
attacks that are penetrating the normal execution environment.
In the case of Windows 11 under a VM, as you say the software TPM can do
what it likes. In effect, there is no more guarantee than with a system
without a TPM and the message that Windows 11 can only be used where a TPM
provides a trust base might give a false sense of security.
Aren't the terms "Windows" and "Security" oxymoronic? :-) :-)
--
Remind me to ignore comments which aren't germane to the thread.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure