What is Fobnail Project?
Fobnail Project provide resources to create axiomatically trustworthy
device and simple user interface to attest platform state. For
detailed project description please check here.
- Fobnail firmware is an open-source implementation of the
iTurtle security architecture concept presented at HotSec07; in addition, it
will leverage industry standards like TCG D-RTM trusted execution environment
and IEFT RATS. The Fobnail project aims to provide a reference architecture
for building offline integrity measurement verifiers on the USB device and
attesters running in Dynamically Launched Measured Environments (DLME). It
allows the Fobnail owner to verify the trustworthiness of the running system
before performing any sensitive operation. Fobnail does not need an Internet
connection what makes it immune to the network stack and remote
infrastructure attacks. It brings the power of solid system integrity
validation to the individual in a privacy-preserving solution.
- The Fobnail Token is a tiny open-source hardware reference
design of USB device that provides a means for a
user/administrator/enterprise to determine the integrity of a system. To make
this determination, Fobnail Token leverage Fobnail firmware,
which act as an attestor capable of validating attestation assertions made by
the system. As an independent device, Fobnail Token provides a high degree of
assurance that an infected system cannot influence Fobnail Token as it
inspects the attestations made by the system.
Where to go next?