example: secure computing kernel needed
Amir Herzberg
amir at herzberg.name
Tue Dec 30 05:11:06 EST 2003
At 04:20 30/12/2003, David Wagner wrote:
>Ed Reed wrote:
> >There are many business uses for such things, like checking to see
> >if locked down kiosk computers have been modified (either hardware
> >or software),
>
>I'm a bit puzzled why you'd settle for detecting changes when you
>can prevent them. Any change you can detect, you can also prevent
>before it even happens.
<skip>
I'm not sure I agree with your last statement. Consider a typical PC
running some insecure OS and/or applications, which, as you said in an earlier
post, is the typical situation and threat. Since the OS is insecure and/or
(usually) gives administrator privileges to insecure applications, an
attacker may be able to gain control and then modify some code (e.g.
install trapdoor). With existing systems, this is hard to prevent. However,
it may be possible to detect this by some secure monitoring hardware, which
e.g. checks for signatures by the organization's IT department on any
installed software. A reasonable response when such a violation is
detected/suspected is to report to the IT department (`owner` of the machine).
On the other hand I fully agree with your other comments in this area and
in particular with...
...
>Summary: None of these applications require full-strength
>(third-party-directed) remote attestation. It seems that an "Owner
>Override" would not disturb these applications.
>
>---------------------------------------------------------------------
>The Cryptography Mailing List
>Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com