*countable infinities only
Gerry Reno
greno at verizon.net
Thu May 31 19:07:01 UTC 2012
On 05/31/2012 02:52 PM, Jon Ciesla wrote:
> On Thu, May 31, 2012 at 1:21 PM, Gerry Reno <greno at verizon.net> wrote:
>> On 05/31/2012 02:17 PM, Jon Ciesla wrote:
>>> On Thu, May 31, 2012 at 1:08 PM, Gerry Reno <greno at verizon.net> wrote:
>>>> On 05/31/2012 01:57 PM, Jon Ciesla wrote:
>>>>> On Thu, May 31, 2012 at 12:52 PM, Gerry Reno <greno at verizon.net> wrote:
>>>>>> On 05/31/2012 01:48 PM, Jon Ciesla wrote:
>>>>>>> On Thu, May 31, 2012 at 12:42 PM, Gerry Reno <greno at verizon.net> wrote:
>>>>>>>> On 05/31/2012 01:34 PM, Jon Ciesla wrote:
>>>>>>>>> On Thu, May 31, 2012 at 12:22 PM, Gerry Reno <greno at verizon.net> wrote:
>>>>>>>>>> On 05/31/2012 01:19 PM, Jon Ciesla wrote:
>>>>>>>>>>> On Thu, May 31, 2012 at 12:16 PM, Gerry Reno <greno at verizon.net> wrote:
>>>>>>>>>>>> On 05/31/2012 01:10 PM, Gregory Maxwell wrote:
>>>>>>>>>>>>> On Thu, May 31, 2012 at 1:07 PM, Gerry Reno <greno at verizon.net> wrote:
>>>>>>>>>>>>>> Could be any of a thousand ways to implement this.
>>>>>>>>>>>>>> Maybe it checks the BIOS to determine whether some SecureBoot flag is set.
>>>>>>>>>>>>> While it pains me to argue with someone on my side— you're incorrect.
>>>>>>>>>>>>> The compromised system would just intercept and emulate or patch out that test.
>>>>>>>>>>>> Then what's missing here is a way for booted OS's to test themselves for integrity.
>>>>>>>>>>> Maybe some sort of cryptographic signature stored in the hardware?
>>>>>>>>>>>
>>>>>>>>>>> <ducks>
>>>>>>>>>>>
>>>>>>>>>>> -J
>>>>>>>>>>>
>>>>>>>>>>> </sarcasm>
>>>>>>>>>>>
>>>>>>>>>> Just not dictated by one monopoly.
>>>>>>>>> Ideally, no. But you see the problem. I'm divided on the solution
>>>>>>>>> myself, but I've yet to see one I feel better about.
>>>>>>>>>
>>>>>>>>> -J
>>>>>>>>>
>>>>>>>>>
>>>>>>>> This game of cat and mouse with the blackhats is not going to end until we have some type of read-only partitions where
>>>>>>>> known good code resides.
>>>>>>> We have that, ISO9660. Known good == known good to whom?
>>>>>>>
>>>>>>>
>>>>>> Nah, can't be iso.
>>>>>>
>>>>>> Has to be HDD partitions whose ro/rw state is controlled by hardware.
>>>>> Which brings us back to the issue of how the hardware knows what to
>>>>> trust for that ro/rw state.
>>>> The hardware is under control of the user.
>>>>
>>>> At some point the user has to know what they consider trusted.
>>>>
>>>> During installation from a known good installation source: DVD, network, whatever, the user enables the install to write
>>>> on the partition by actively pressing a hardware button that allows the write. After the installation is finished the
>>>> user switches it back to read-only through pressing the hardware button.
>>>>
>>>> The user now has a known good read-only installation to boot from.
>>> Is there an implementation of this existing today for HDD?
>> Not yet. But HDD technology is changing rapidly. Just look at hybrid drives, SSD.
>>
>> No reason they could not add this capability.
> Right. But it's not there now, which is my point.
Actually it seems the forensic firms have been doing this for a while:
http://www.digitalintelligence.com/forensicwriteblockers.php
Their interfaces toggle the write wire to the drive.
>
>>> Because
>>> otherwise with existing technology, AFAIK, that limits your media
>>> choices for root fs medium to CD/DVD-R, Floppy, Zip/Jaz disc, or some
>>> models of USB flash drive.
>> Yes, all these would currently support what I'm suggesting.
> Actually, if you're willing to flip a lot of switches, you could
> probably make your / a raid5 of floppies, but the performance would be
> suboptimal.
>
> -J
>
Ok, now you're just being silly.
.
More information about the devel
mailing list