[Cryptography] Secure erasure
kentborg at borg.org
Tue Sep 13 20:27:34 EDT 2016
On 09/13/2016 03:21 PM, Jerry Leichter wrote:

> So the alternative is to look elsewhere: Security is a *system*
> property, just like reliability

Yes! Security and reliability are closely wrapped in each other. We need
one to get the other.

> we need to build secure systems out of insecure components.

Hard to do, but if we define the component boundaries, there is a
possibility of carefully composing them into a larger system that has
some hope. Even Target's PoS system *might* have been secure, had it
been on an isolated network, but they didn't know if that be so, and
they probably still don't know.

A religious faith in firewalls and intrusion detection systems distracts
everyone. We heard a lot about Target ignoring their intrusion detection
system, but did we hear much about their PoS system being a PoS?

> Though as far as we can tell, there needs to be more of a secure core
> to bootstrap with than a reliable core.

When we can neither trust the chips nor trust UPS to deliver them
without further tampering, there are lots of holes, but the way we build
systems adds more.
-kb, the Kent who repeats Jerry Leichter: "Security is a *system*