That avenue of attack is exactly what TPM is supposed to protect against. It provides a piece of hardware that can't be spoofed to a virtual machine without a way of extracting the cryptographic keys from the chip itself (which is theoretically possible, but practically impossible).
I'm assuming that the presence of a TPM is part of this whole SecureBoot thing.
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
Re: Virtualization
Date: 2012-05-31 06:25 pm (UTC)

I'm assuming that the presence of a TPM is part of this whole SecureBoot thing.