lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 05 Jul 2010 23:15:19 -0400
From: Valdis.Kletnieks@...edu
To: Mary and Glenn Everhart <Everhart@....com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Full-Disclosure Digest, Vol 65, Issue 7

On Mon, 05 Jul 2010 21:48:53 EDT, Mary and Glenn Everhart said:
> Might I suggest that in addition to discussing how to defend against 
> software attacks, that it is also useful to devise methods and protocols 
> that will function even where the systems being used to communicate are 
> infected with malware?

The consensus in the security world is that, in general, if a system has been
infected with sufficiently virulent malware, it's impossible to do *any*
reliable computing on it.  Consider a system with a keystroke logger on it -
anything you type is compromised the instant you hit the key. (And before you
say "how about a mouseable keyboard on the screen", I'll point out that some
banks have tried that, and it's already been pwned). Similar arguments hold for
any other function - if the attacker controls the vertical and horizontal,
you're basically screwed. So there's not been a lot of research on the topic
from the white-hat end. Most likely, you'll find most of the good work in this
area over in the black-hat world, as they're continually trying to find ways to
do reliable computing on a machine owned by the adversary.

There is a slim chance that with hardware assistance such as a smart
card, it may be possible to open up an encrypted communications session from
the smart card *through* the compromised system to an external endpoint.
However, such a card would have very limited ability to introspect the
system unless you expand the scope drastically - and at that point, you're
basically re-inventing the TPM chipset.

Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ