Re: Encrypting Harddisk?
From: Jedi Master (gunsmith@no.spam.gr)Date: 06/29/02
- Next message: John Doe: "Re: SSH keys: RSA vs DSA"
- Previous message: Kasper Dupont: "Re: Enquiry regarding Linux in Mission Critical situation"
- In reply to: Nico Kadel-Garcia: "Re: Encrypting Harddisk?"
- Next in thread: Nico Kadel-Garcia: "Re: Encrypting Harddisk?"
- Reply: Nico Kadel-Garcia: "Re: Encrypting Harddisk?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Jedi Master <gunsmith@no.spam.gr> Date: Sat, 29 Jun 2002 09:45:53 +0300
On Sat, 29 Jun 2002 06:10:58 +0300, Nico Kadel-Garcia wrote:
> It's quite possible. The user's machine can phone home for the key. This
> procedure can be made as easy or difficult as you wish, requiring
> arbitrary levels of validation.
>
I don't think that this would work either. A good progrmmer (and reverse
engineerer) could isolate the portion of the program which whould phone
somewhere to get the key, and use it with a couple of modifications in
order to get the key to his harddisk. I don't think that it is too
difficult for someone who knows ....
And as the other idea, what about this scenario :
Lets say that i am the customer.
I try to copy the program but i need the key which is stored in my
motherboards eeprom. I try to open the case but the light detector gets
light and flushes the eeprom with a bare bootstrap to allow remote
recovery. I detect the light sensor (I am not an idiot, and security by
obscurity is NOT security as previously mentioned) and I stick a piece of
black paper in front of the detector. I start up the machine which will
get its OS back remotely possibly via phone. Then i get eeprom in my hand
having the OS inside it.
And consider the other scenario.
No matter what u do to protect your program, i *can* make a program which
will dump the entire memory
in my harddisk as soon as the program is loaded. How would u prevent this ?
-- Gunsmith
- Next message: John Doe: "Re: SSH keys: RSA vs DSA"
- Previous message: Kasper Dupont: "Re: Enquiry regarding Linux in Mission Critical situation"
- In reply to: Nico Kadel-Garcia: "Re: Encrypting Harddisk?"
- Next in thread: Nico Kadel-Garcia: "Re: Encrypting Harddisk?"
- Reply: Nico Kadel-Garcia: "Re: Encrypting Harddisk?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
