multi band/ out of band/ multi factor TPM TOTP codes for boot verification / increased boot verity/ assurance - puri.sm leading Free Libre Open Source Software, Hardware and Security vision

Zenaan Harkness zen at freedbms.net
Wed Oct 3 21:34:58 PDT 2018


Multi factor boot authentication, making use of the TPM chip (to
whatever extent you might consider that worthwhile or otherwise),
generation of a QR code and a mobile phone app for external (to your
laptop/ computer) "verification" of bootup hash values, doing so all
in free libre and open source software (of course), is now in sight:

https://puri.sm/posts/category/firmware/

(7 year old lappy here, saving for a puri.sm)


Ideally, we'd actually have our own seL4 or other small sized kernel
inside the Intel ME, so we could make full use of it; beginnings:

https://puri.sm/posts/reverse-engineering-the-intel-management-engine-romp-module/

https://www.reddit.com/r/linux/comments/6b2xgu/reverseengineering_the_intel_management_engine/


Next, we need a libre hardware/ auditable "free/libre" hardware/ chip
for ethernet and/ or wireless, as that'd be my first port of call if
I were with intent and dollar$ to undermine "generally available
hardware" in such a way that my rogue infiltration packet opened a
hardware backdoor (on generally available hardware).



More information about the cypherpunks mailing list