4 Feb
2005
4 Feb
'05
9:42 p.m.
The best that can happen with TCPA is pretty good - it could stop a lot of viruses and malware, for one thing.
No, it can't. That's the point; it's not like the code running inside the sandbox becomes magically exploitproof...it just becomes totally opaque to any external auditor. A black hat takes an exploit, encrypts it to the public key exported by the TCPA-compliant environment (think about a worm that encrypts itself to each cached public key) and sends the newly unauditable structure out. Sure, the worm can only manipulate data inside the sandbox, but when the whole *idea* is to put everything valuable inside these safe sandboxes, that's not exactly comforting. --Dan