[Cryptography] programmable computers inside our computers

Phillip Hallam-Baker hallam at gmail.com
Wed Oct 23 09:53:49 EDT 2013


On Tue, Oct 22, 2013 at 9:11 PM, John Gilmore <gnu at toad.com> wrote:

> > >> We thought embedded devices were for physical infrastructure
> > >> engineers to worry about, but now they are proliferating inside
> > >> our general purpose computers.  The next Stuxnet will run on one
> > >> of the invisible computers inside your computer.
>
> It is probably ALREADY running there.
>
> With regard to the invisible single-chip computer that sits on every
> server's motherboard (thanks, you idiots at Intel), I can't say it any
> better than Dan Farmer:
>
>   IPMI: Express Train to Hell, v2.0
>   dan farmer/zen at trouble.org
>   http://fish2.com/ipmi/itrain-gz.pdf


All I want from a trusted computing base is the ability to store private
keys and make use of them in a way that prevents them being extracted by an
attacker without physical access to the machine and reasonably advanced
equipment.

The ability to tell a server to reboot remotely and to only load the O/S
image that I authorized would also be useful. In a very large installation
I might want the ability to drop ship the machine and have it boot from the
network the first time.

Instead we get...



None of these functions would be useful to me unless they were part of an
open standard because however good one vendor's tools are, the cost of
lock-in is never acceptable.

-- 
Website: http://hallambaker.com/