[Cryptography] The Crypto Bone's Threat Model
Dave Horsfall
dave at horsfall.org
Mon Mar 2 07:01:41 EST 2015
On Sun, 1 Mar 2015, Bill Frantz wrote:
> > On one occasion we got some rather baffled looks from an
> > embedded-systems vendor whose devices would happily write all over
> > write-protected SD cards. It was a *feature*, if the field engineers
> > forgot to slide the tab into the correct position the system wouldn't
> > shut down due to lack of writeable storage.
>
> Which means, if you are looking for the R/O tab to protect you from
> hostile software running the SD card, you're hosed.
Really, has anyone trusted the controller to not violate the media in this
way?
Sexual references aside, my hopes were dashed back in the 9-track tape
days, when I came across a *transparent" write ring... It wasn't an
optical mechanism, but I could not tell, at a glance, that the thing was
write-enabled or otherwise.
A story went around the traps at that time that there was a shop where the
only write-ring was in the manager's desk; there was me, later on, with a
desk-drawer full of Ethernet cables (both straight and crossed), BNC taps,
etc; you name it, and we had it.
Sticky-tape over the 5-1/4" cutout on a floppy also worked wonders at
times, but not that I would ever admit to it, of course...
And back when DS/DD/etc floppies became the rage (at double the price),
there was a roaring trade in nibblers.
When you're a Dilbert, you have to get the job done somehow, and damn the
PHB.
--
Dave Horsfall DTM (VK2KFU) "Bliss is a MacBook with a FreeBSD server."
http://www.horsfall.org/spam.html (and check the home page whilst you're there)
More information about the cryptography
mailing list