Adam Shostack writes:
Actually, most of the features of Nogsuccob are features that I want, like integrity protected, authenticated boot. The problem, bundled with those features, is the ability of the system to attest to its secure boot. This can be fixed by not letting the host know if you've exported its host key or not, which makes it possible to run a virtualized, trusted copy in your emulation environment.
Nothing forces you to tell anyone else that you booted securely. At most someone may offer to give you something in exchange for such a proof, but you're not obligated to take them up on it. It's not clear what you're getting at about exporting the host key. These systems (TCs) are generally designed to make that difficult or impossible to accomplish. The security of the whole system is built on that assumption. If you actually did manage to pull out the host key then you could make it attest to any falsehood you wanted, although you might get caught eventually. Trusted Computing lets people convincingly tell the truth about what software they are running. This is seen as a horrific threat in certain circles. It's easy to see why liars wouldn't like it. What does an honest man have to lose?
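The mechanism the two posts argue over, as an added example that is not part of the thread and not any real TC implementation: a toy measured-boot register, a "quote" in which the host key signs a verifier-chosen nonce together with the register value, and a verifier that checks both the signature against the enrolled host public key and the register against a golden boot chain. The component names, the P-256 host key and the 16-byte nonce are all assumptions made for the illustration. It runs four cases: an honest boot is accepted; a patched kernel on the genuine host is rejected (the signature is fine but the measurement differs); an emulator with its own key that simply claims the golden value is rejected (this is the assumption the system rests on); and an emulator holding an exported host key can claim the golden value for whatever it is really running, which is the "attest to any falsehood" case.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// extend folds one boot component into a PCR-style register (hash chaining, order matters).
func extend(pcr [32]byte, component []byte) [32]byte {
	h := sha256.Sum256(component)
	return sha256.Sum256(append(pcr[:], h[:]...))
}

// measure simulates measured boot over a chain of components (names are constructed).
func measure(components ...string) [32]byte {
	var pcr [32]byte
	for _, c := range components {
		pcr = extend(pcr, []byte(c))
	}
	return pcr
}

// quoteDigest is what the host key signs: the verifier's nonce (freshness) plus the PCR value.
func quoteDigest(nonce []byte, pcr [32]byte) [32]byte {
	msg := append(append([]byte{}, nonce...), pcr[:]...)
	return sha256.Sum256(msg)
}

// quote produces the attestation: a signature by the host key over nonce||PCR.
func quote(hostKey *ecdsa.PrivateKey, nonce []byte, pcr [32]byte) ([]byte, error) {
	d := quoteDigest(nonce, pcr)
	return ecdsa.SignASN1(rand.Reader, hostKey, d[:])
}

// verifyQuote accepts only if the signature is from the enrolled host key, over the nonce
// the verifier issued, and the claimed PCR equals the golden (expected) boot chain.
func verifyQuote(enrolled *ecdsa.PublicKey, nonce []byte, claimed [32]byte, sig []byte, golden [32]byte) bool {
	d := quoteDigest(nonce, claimed)
	if !ecdsa.VerifyASN1(enrolled, d[:], sig) {
		return false
	}
	return claimed == golden
}

// Outcome records whether the verifier accepted each scenario.
type Outcome struct {
	Honest           bool // genuine host key, golden software
	Tampered         bool // genuine host key, patched kernel
	WrongKey         bool // emulator with its own key, claims golden PCR
	StolenKeyForgery bool // emulator with the exported host key, claims golden PCR
}

// RunScenario exercises the four cases and returns what the verifier decided.
func RunScenario() (Outcome, error) {
	var out Outcome
	hostKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stands in for the key inside the TC
	if err != nil {
		return out, err
	}
	golden := measure("firmware-v1", "bootloader-v1", "kernel-v1") // verifier's expected chain

	nonce := make([]byte, 16) // issued by the verifier per challenge
	if _, err := rand.Read(nonce); err != nil {
		return out, err
	}

	// 1. Honest boot: measurements match, signed by the real host key.
	pcr := measure("firmware-v1", "bootloader-v1", "kernel-v1")
	sig, err := quote(hostKey, nonce, pcr)
	if err != nil {
		return out, err
	}
	out.Honest = verifyQuote(&hostKey.PublicKey, nonce, pcr, sig, golden)

	// 2. Tampered boot: the host tells the truth about a modified kernel and is rejected.
	pcr = measure("firmware-v1", "bootloader-v1", "kernel-v1-patched")
	sig, err = quote(hostKey, nonce, pcr)
	if err != nil {
		return out, err
	}
	out.Tampered = verifyQuote(&hostKey.PublicKey, nonce, pcr, sig, golden)

	// 3. Emulator without the host key: claiming the golden value gets it nowhere.
	emuKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return out, err
	}
	sig, err = quote(emuKey, nonce, golden)
	if err != nil {
		return out, err
	}
	out.WrongKey = verifyQuote(&hostKey.PublicKey, nonce, golden, sig, golden)

	// 4. Emulator that exported the host key: it runs anything, claims golden, and is believed.
	sig, err = quote(hostKey, nonce, golden)
	if err != nil {
		return out, err
	}
	out.StolenKeyForgery = verifyQuote(&hostKey.PublicKey, nonce, golden, sig, golden)
	return out, nil
}

func main() {
	out, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", out)
}
```

The nonce is what stops an old honest quote from being replayed later by a host that has since been modified; the key being non-exportable is what stops case 4. Real designs also bind the key to the platform with a certificate chain, which this toy omits.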