lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 16 Mar 2015 20:57:32 +0000
From:	One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>
To:	David Lang <david@...g.hm>
Cc:	Matthew Garrett <matthew.garrett@...ula.com>,
	"keescook@...omium.org" <keescook@...omium.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"james.l.morris@...cle.com" <james.l.morris@...cle.com>,
	"serge@...lyn.com" <serge@...lyn.com>,
	"linux-security-module@...r.kernel.org" 
	<linux-security-module@...r.kernel.org>,
	"hpa@...or.com" <hpa@...or.com>
Subject: Re: Trusted kernel patchset

> Anything that encourages deploying systems that can't be upgraded to fix bugs 
> that are discovered is a problem.
> 
> This is an issue that the Internet of Things folks are just starting to notice, 
> and it's only going to get worse before it gets better.
> 
> How do you patch bugs on your non-volitile media? What keeps that mechansim from 
> being abused.

One example is flash memory that can only be written by a special part of
the system which verifies the signatures then writes the data to the
flash. That to most intents and purposes is "non volatile". In some
environments jumpers or particular sequences of holding buttons in may
deal with it - if they are handled such that malicious software cannot do
it.

Some systems go further than that and do measure the boot path - so
modern x86 firmware will typically not allow you to flash the BIOS
firmware except from measured firmware, and won't run the result without
checking signatures. Not everything goes that far.

The IoT and general security underfunding is a social and economic issue
however, and isn't soluble by technical means. It will be fixed when the
lawmakers finally stop listening to the lobbyists, or when something
*really bad* happens and they extend liability law to paid services and
licensed components of sold products on the back of either some massive
disruptive hack or serious loss of life.

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ