Hardware Reference
In-Depth Information
You can only enter the code once. If you try it again, the program will extend PCR9 again
using the now incorrect PCR state as input into the next. Now, let's seal our GPG secret
key ring:
tpm_sealdata -p 9 -i secring.gpg -o secring.gpg.tpm -z -l
You can remove -l debug if you wish and the command will silently complete. Let's
test decryption:
tpm_unsealdata -i secring.gpg.tpm -o deleteme -z
It should silently complete on success. You can now delete the temporary file deleteme
and the original secring.gpg . You did make an encrypted backup, right? You'll prob-
ably want to delete the file in a more secure fashion. The secure remove tool srm does
just that and overwrites the file numerous times before deleting. To install use the follow-
ing command:
sudo apt-get install secure-delete
Then use just as you would rm .
Bunnie Huang and Sean Cross (also known as xobs ) presented a talk at the 30th Chaos
Communication Congress ( 30C3 ) on hacking SD cards. Your SD or eMMC includes a
small microcontroller that manages the attached flash memory. This microcontroller is
perfectly situated to act as a Man-in-the-Middle attacker and manipulate the data you store
on the device. For example, the microcontroller could keep a backup copy of your data
since it would report to your computer a storage capacity of 8GB, but actually it contains
a 16 GB flash chip. More information can be found on Bunnie's blog at ht-
tp://www.bunniestudios.com/blog/?p=3554 .
Search WWH ::

Custom Search