Infineon Security Platform on SZ series

Can someone give me a clear explanation as to how this works? What exactly does it do?

I know you need to enable something in your BIOS for this software to work.

I want to be sure I setup some sort of security of my laptop that would prevent loss of personal information in the event my laptop is stolen.

Do any of you have any recommended security setup? The fingerprint scanner software works great for windows login but I find the popups for every time there is a password on my system to be a little annoying.

What is the best setup?

 

you can set those pop ups not to show and simply run the fingerprint scanner - all you have to do is enter the correct user/pass into the login and then run your finger through the scan successfully. The software then stores the password for the future so that the next time you come to that site, just do the fingerprint scan and you're in. I love this feature - even if I'm not good at getting successful scans everytime yet...working on that - that would bethe big stopper if I have to try more than twice to get a successful scan (easier to type it in then!).

~r

 

Someone have a better explaination for "Trusted Platform Module"?

The stuff in the reply directly above is in regards to the Protector Suite, which seems to work just find with the TPM BIOS setting Enabled or Disabled.....

What exactly is the Inferion software/hardware about? I looked at their website's FAQ and also at a wiki entry, but its still hazy on what it's exact purpose is and why I should/should-not be using it

 

I know a part of it is to enable the encryption of data. The TPM chip holds a key, a seriously long key, which is used to encrypt data.

In this fashion the data cannot be read without that particular chip present - each has a unique key. It is also computationally very difficult to crack this key due to its length.

That is my knowledge on the situation, but I am almost certain it can do other things. I will have a read when I get my computer back and post at a later time when I discover the use of the TPM.

 

The TPM is a microcontroller that can store keys and passwords in its EEPROM. The advantage is that the passwords are not stored on the hard drive, which are files that can usually be read (secret & public keyrings for example). The TPM is 'tamper resistant' which makes it more difficult to recover the keys.

I've enabled it (probably not correctly) and haven't had time to see how it works, but I'm assuming once it's configured, it's something that will automatically store keys in the chip instead of on the HD.

As for the fingerprint reader, I think it's awesome. Unfortunately, it doesn't work after I get back from climbing. It usually takes several hours or overnight before it can read my fingerprint again. I haven't tried using a 'fake' fingerprint, but I'd be curious to know how easy it is to foil.

Anyone else have problems with the reader after swimming, gardening, doing dishes...?

 

infineon security is breakable by any pro who can open the laptop...

about the fingerprint - What if a hacker downloads the db of that program and own your fingerprints+your passwords

I doubt it has a good security there...

 

Ummm, I don't have the datasheet for the chip, but based on the feature list, I doubt you could easily read the contents of the TPM.

About the fingerprint... I don't know where the data is stored, but if it is on the harddrive, then yes, it can be downloaded. If somehow the fingerprint is used to unlock the TPM, then yes, the passwords stored in the TPM are compromised. <insert cliche about the weakest link...>

The TPM is an interesting idea, but the security mechanism needs to be properly put in place. The fingerprint reader itself is probably not very secure; there are already lots of (non-reliable) reports of people spoofing fingerprints.

My assessment is still:
TPM provides reasonable security and functionality
Fingerprint reader sucks after climbing...

 

My fringerprint scanner, which is a great idea, fails to recognise my stickly mits 80% of the time. Usually, it takes 10 attempts to log in. I simply type my password now because its quicker. I have tried rescanning my fingerprints and cleaning the reader and my fingers but have had no change.

 

My experience has been exactly the opposite - the recognition rate of my fingerprint scans were flaky are first, but now it works every time, and I'm even able to scan my finger a bit faster across the reader. Maybe the unit "learns" after a while. Just to be sure, I ran one of my non-registered fingers across the reader, and it failed - so I know it's not accepting just any fingerprint. The more I use it, the more I wonder how I ever lived without it - I even bought an external fingerprint reader for my desktop at work!

Javier

 

Trusted Platform Modules could also be for enabling 'Trusted Computing', which is why I won't buy a laptop with a TPM. Sure, you being in charge of the TPM is nice, but what if, say through a security update, 'they' decide to be in charge of it for you? Watch the video. http://www.lafkon.net/tc/

 

If anything, I'd switch the TPM chip off. Is this easy to do...?

By the way, the TPM key is currently 2048 bit strong.

 

It would seem that the fingerprints are not stored on the HDD. I did a clean format of the entire HDD last week, and even with the TPM chip disabled my fingerprints for boot security were still intact. They are either stored on the TPM chip regardless of its bios Enable/Disable setting, or somewhere else.