Trusted Platform Modules: Locksmith in the Basement?
Open Source For You | October 2024
Tech giants are embedding special chips into their systems to ensure your data stays safe, even if you lose your device.
- Aditya Mitra and Anisha Ghosh

Once upon a time there was a town where people traded very valuable items. But the town had notorious thieves who kept stealing these items. So the people built a special lockbox and kept the items in it for trading. This was a strong box and could not be broken or destroyed to get at its contents. The only way to reach them was to unlock the box. The box had two keyholes and did not have any fixed keys. A locksmith could make special keys for the box in pairs: if one of the keys in the pair was used to lock the box, only the second key in the same pair could unlock it.

This lockbox was used widely and it worked well. People kept one key of the pair outside their homes in a publicly visible place. Anyone who wanted to give them something made a copy of that key. They then placed the item in the person’s lockbox, used the copied key to lock it, and handed over the box. The second key of the pair was kept securely by the owner and not given to anyone, so only he or she could unlock the box. The thieves stopped stealing these lockboxes because they were unable to open them without the correct keys.

This worked very well for ages. But then some thieves broke into people's homes and started stealing the second key that was with the owner. Once they had the key, they stole the contents of the lockboxes. This became a menace in no time as the thieves stole keys from more and more people, who started losing the valuables kept in the lockboxes.

To overcome this challenge, people in the town started making vaults to keep their keys safely. These vaults were unbreakable and strong so the thieves could not steal the keys. The second key was kept in the vault and taken out only when needed.

But this, too, did not work for long because the thieves were able to find the keys to the vault to unlock it. Then they stole the keys from the vault!

この蚘事は Open Source For You の October 2024 版に掲茉されおいたす。
