[coreboot] [SPAM] Re: Feedback On Coreboot: the Solution to the SecureBoot Fiasco

Peter Stuge peter at stuge.se
Mon Jan 7 22:40:20 CET 2013


Ward Vandewege wrote:
> This. It's called 'remote attestation'
> (https://en.wikipedia.org/wiki/Trusted_Computing#Remote_attestation).
> An obvious (first?) application will be your bank, which will refuse
> you access to their online banking system unless you run a 'trusted'
> software stack.

Yes and no - software is not the core business of banks, so they
most likely prefer *not* to have to deal with these things, including
customer support.

They simply buy solutions, such as Vasco DigiPass, and/or crypto chip
cards. A progressive bank might have an IT department that actually
develops an iOS app, but I think that will be about it.

There are some highlights however;

In Sweden, banks accept government-issued eIDs for login, as long as
they follow the BankID coalition spec. There is an open source and
free software implementation of this, which does allow to use any
token or chip card supported by OpenSC.

In Germany, banks support a public API for home banking, for which it
also exists at least one open source and free software implementation
that works fine with the chip card issued by the bank again via
OpenSC.


//Peter



More information about the coreboot mailing list