Cryptogram: Palladium Only for DRM
Niels Ferguson
niels at ferguson.net
Tue Sep 17 06:48:52 EDT 2002
At 16:00 17/09/02 +1200, Peter Gutmann wrote:
>>But I am not suggesting to do it purely in software. Read the Intel manuals
>>for their CPUs. There are loads of CPU features for process separation,
>>securing the operating system, etc. The hardware is all there!
>
>There was a rather nice paper at Usenix Security 2000 on this [pause]
>available from
>http://www.usenix.org/publications/library/proceedings/sec2000/robin.html
Thanks, Peter, for a nice reference. That paper points out that the Pentium
doesn't make it easy to create a virtual machine that is perfectly
transparent, i.e. that the OS inside the VM cannot detect the VM at all. I
don't think that is the current concern, as the OS and secure kernel are
being developed by the same company. I'm sure the secure kernel is
significantly easier to develop if you can make some small changes to the
OS code, but even without this VMware shows that it can be done without any
help of the OS.
Niels
==============================================================
Niels Ferguson, niels at ferguson.net, phone: +31 20 463 0977
PGP: 3EC2 3304 9B6E 27D9 72E7 E545 C1E0 5D7E
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list