Re: Microsoft's Jihad - Palladium
From: Bernd Felsche (bernie@innovative.iinet.net.au)Date: 06/28/02
- Next message: Gary: "Help need - to remove linux trojan"
- Previous message: Damian Menscher: "Re: subjective Q. - what's the most secure OS?"
- In reply to: srt@nospam.unt.edu: "Re: Microsoft's Jihad - Palladium"
- Next in thread: Barry Margolin: "Re: Microsoft's Jihad - Palladium"
- Reply: Barry Margolin: "Re: Microsoft's Jihad - Palladium"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Bernd Felsche <bernie@innovative.iinet.net.au> Date: Fri, 28 Jun 2002 09:41:49 +0800
srt@nospam.unt.edu writes:
>Geoff Lane <zzassgl@twirl.mcc.ac.uk> wrote:
>> In article <afchaf$25g$1@hermes.acs.unt.edu> you wrote:
>>> And if there are cryptographic keys embedded in the hardware,
>>> and they don't tell you what they are, how do you plan on
>>> emulating the hardware?
>> CSS made the same assumption and lasted, what? six months?
>It was a software implementation that was broken. Unless they're
>complete idiots (no comment) they will not allow any software
>implementations of this.
What do you mean by "allow"? You mean as in prohibit?
Using that mechanism is simply naive.
Or do you mean having a piece of hardware whose data transforms
cannot be modelled and hence cannot be implemented in software?
That won't work for anybody but Harry Potter.
>> If the hardware is accessable it is NOT secure. All you have is
>> an example of security by obscurity. There is technology
>> available that can explosively destroy chips when they are
>> tampered with but does anyone think that kind of thing will be
>> acceptable in home computers?
>There are plenty of cost-effective ways to secure hardware (no
>explosives involved!). For instance, before the whole skipjack
Of course there are cost-effective ways of securing data; they're
not completely secure unless you're planning never to use the
hardware - in which case; what's the point of putting the data in
the machine? May as well destroy it using a grinder and acid.
Which brings to light another aspect of security: Security also has
to ensure availability and integrity.
The biggest problem in practice is then lack of backups or failing
to secure backup media.
-- /"\ Bernd Felsche - Innovative Reckoning, Perth, Western Australia \ / ASCII ribbon campaign | I'm a .signature virus! X against HTML mail | Copy me into your ~/.signature / \ and postings | to help me spread!
- Next message: Gary: "Help need - to remove linux trojan"
- Previous message: Damian Menscher: "Re: subjective Q. - what's the most secure OS?"
- In reply to: srt@nospam.unt.edu: "Re: Microsoft's Jihad - Palladium"
- Next in thread: Barry Margolin: "Re: Microsoft's Jihad - Palladium"
- Reply: Barry Margolin: "Re: Microsoft's Jihad - Palladium"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
