lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <1180343331.26369.55.camel@dapcva>
Date: Mon, 28 May 2007 11:08:51 +0200
From: Vincent Archer <varcher@...yall.com>
To: Pavel Kankovsky <peak@...o.troja.mff.cuni.cz>
Cc: full-disclosure@...ts.grok.org.uk, Valdis.Kletnieks@...edu
Subject: Re: Linux big bang theory....

On Sun, 2007-05-27 at 14:22 +0200, Pavel Kankovsky wrote:
> "All memory" involves any aspect of the system mutable by the software. If
> the microcode is mutable than the memory used to store it is a part of
> "all memory".

Yes. And for typical systems, that also includes all of the mass storage
(i.e. the file systems) attached to it: your software needs to require
every single byte of data storage. I think such a system would come
close to have a self-provable integrity, but such a system must be
extremely carefully designed for it, and notably is non-expandable. Any
expansion breaks down the proved state by introducing external
unvalidated states, and you're back to square one.

Being able to validate the integrity of a system requires *at least* the
entire potential system, which is why systems in general cannot
self-prove: they require more than themselves.

-- 
Vincent ARCHER
varcher@...yall.com

Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ