Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
pasward at big.uwaterloo.ca
pasward at big.uwaterloo.ca
Thu Nov 22 16:45:47 EST 2001
Jay D. Dyson writes:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> On Wed, 21 Nov 2001 pasward at big.uwaterloo.ca wrote:
>
> > > Yet another reason why Open Source is your friend.
> >
> > I did not mean to imply that I am running some variety of windows. I am
> > interested in the technical problem of what is the state of the art for
> > detecting whether or not a computer has been tampered with. The use of
> > some version of un*x does not per se solve this.
>
> I'm afraid we're still in the "arms race" model in that respect.
> Every time one party comes up with a new widget, another party quickly
> follows with a widget-defeater. Then the original party releases an
> updated widget with a widget-defeater-defeater feature. Then the opposing
> party responds in kind. On and on it goes...like a dog chasing its tail.
>
> My original response handles the electronic portion of the
> equation (though I do concede the point another writer made that all bets
> are off when the day of the Backdoored BIOS arrives). If you mean only
> the physical aspect of the equation, there are a number of tricks you can
> use ranging from sealing a system with epoxy, locks and so on...or (for
> those who dig Mission: Impossible stuff), boobytrapping a system to either
> explode a dye-pack (like that used in banks) or commit digital seppuku if
> an unauthorized party dicks with it.
>
> I must admit the dye-pack idea has a certain appeal to it.
> Nothing would make my day like seeing some goons come out of my house with
> bright Candy Apple Red faces.
I'm not actually worried about physical access at this point.
Breaking and entering is a lot more difficult that hacking into a
system, and frequently leaves evidence. More to the point, this is no
different as a risk than that experienced whenever you use a physical
ATM machine to access cash. My concern is with software access to a
machine that is to be used in the same manner as an ATM.
Paul
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list