[Cryptography] trojans in the firmware

Tom Mitchell mitch at niftyegg.com
Wed Feb 18 17:16:16 EST 2015


On Tue, Feb 17, 2015 at 10:53 PM, David Johnston <dj at deadhat.com> wrote:

>
> On 2/17/15 6:28 PM, Henry Baker wrote:
>
>> I (and most everyone else, as well) no longer care about booting from
>> "hard" disks.  Everyone boots from flash memories these days.
>
>
.......

>  Flash files systems were commonplace. They are still there in the Linux
source code and I assume they are used in many products.

The critical stage is the boot  ROM (BIOS) and the boot device.
Once Linux has booted a lot is possible but too much has already taken
place.
A BIOS that allows booting from a Flash memory card must be trusted.

Virtual machines may help or hinder.

The VM is sitting where the man in the middle wants to be and if it wants
can protect or expose
the OSs that it hosts.   A VM can protect a hard drive from being infected
by blocking vendor
codes that might try to update or corrupt modern disks of boot flash memory.

To help a company like Sony what if the VM established a VPN link to a
landing zone at Sony
based on previously shared keys it could be at a solid step for
establishing access to resources.
The VM can also host a user safe context so employees can access Amazon,
Gmail  or what ever
but not from a company resource of any kind.

But it all depends on the integrity of the boot process.....
As always key management and shared secret management is important.










-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150218/74cf8849/attachment.html>


More information about the cryptography mailing list