Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
Jay D. Dyson
jdyson at treachery.net
Wed Nov 21 17:58:53 EST 2001
On Wed, 21 Nov 2001 pasward at big.uwaterloo.ca wrote:
> But this doesn't really address the question. Certainly you take
> various precautions. The question is: how can I know if the system is
> compromised?
There's a wealth of utilities that can indicate system compromise.
These tools range from Tripwire to the Advanced Intrusion Detection
Environment (AIDE), plus a range of network sniffing utilities that can be
configured to look for unusual traffic. There's also the CryptoFileSystem
that precludes the Great Forces of Malevolence from sneaking things onto
your drive without your knowledge.
All of these security-enhancing features must be predicated by
cradle-to-grave security, though. That means trusted installation of a
trusted OS from a trusted source on a trusted, non-networked box. Coupled
with that is assured physical security of the system by tamper-evident
systems.
In the final analysis, there's no substitute for simple human
vigilance and a healthy amount of paranoia. Not one of these tools are of
any use if you have a user at the helm who will gleefully download and
execute the latest trojan horse.
-Jay
( ( _______
)) )) .-"There's always time for a good cup of coffee."-. >====<--.
C|~~|C|~~| (>------ Jay D. Dyson - jdyson at treachery.net ------<) | = |-'
`--' `--' `----------- Free Speech != Cheap Talk -----------' `------'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list