full-disk subversion standards released
Jonathan Thornburg
jthorn at astro.indiana.edu
Fri Jan 30 16:41:56 EST 2009
On Thu, 29 Jan 2009, John Gilmore wrote:
> If it comes from the "Trusted Computing Group", you can pretty much
> assume that it will make your computer *less* trustworthy. Their idea
> of a trusted computer is one that random unrelated third parties can
> trust to subvert the will of the computer's owner.
Indeed, the classic question is "I've just bought this new computer
which claims to have full-disk encryption. Is there any practical
way I can assure myself that there are (likely) no backdoors in/around
the encryption?"
For open-source software encryption (be it swap-space, file-system,
and/or full-disk), the answer is "yes": I can assess the developers'
reputations, I can read the source code, and/or I can take note of
what other people say who've read the source code.
Alas, I can think of no practical way to get a "yes" answer to my
question if the encryption is done in hardware, disk-drive firmware,
or indeed anywhere except "software that I fully control".
--
-- Jonathan Thornburg <jthorn at astro.indiana.edu>
Dept of Astronomy, Indiana University, Bloomington, Indiana, USA
"Washing one's hands of the conflict between the powerful and the
powerless means to side with the powerful, not to be neutral."
-- quote by Freire / poster by Oxfam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list