[Cryptography] Dark Mail Alliance specs?
Ralf Senderek
crypto at senderek.ie
Thu Mar 27 16:32:57 EDT 2014
On Thu, 27 Mar 2014, Bear wrote:
>> That's true if you assume that root access and invisible modification
>> of crucial software is possible. Otherwise there is evidence.
>
> I do assume that. I can set up a virtual machine in userspace and give
> someone root access to that virtual machine at any moment.
As you've read my posting carefully you'll know that I assume a dedicated
machine and not VPS nor shared hosting.
> And while
> they have root access, I can still go in and commit live edits to their
> running image, invisibly modifying crucial software on their virtual
> disk, performing actions that ought to require 'root' while leaving
> no logfile traces, etc. Doing this doesn't even require me to have
> root access on the host machine.
How would you possibly do that on a running dedicated server?
AFAIK you'd need to reboot the machine into your own OS utilizing your
physical access to it and stop my running system entirely. Of course
that can be done if one has physical access and motivation.
--ralf
More information about the cryptography
mailing list