From owner-freebsd-security@FreeBSD.ORG Mon Feb 23 04:54:41 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 82063166 for ; Mon, 23 Feb 2015 04:54:41 +0000 (UTC) Received: from mail-ob0-f171.google.com (mail-ob0-f171.google.com [209.85.214.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46D82999 for ; Mon, 23 Feb 2015 04:54:40 +0000 (UTC) Received: by mail-ob0-f171.google.com with SMTP id gq1so34427684obb.2 for ; Sun, 22 Feb 2015 20:54:34 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=cvEJV0XNbtjY+bTZEBnNQoUElC1i9LJsGfqOfA4VGaw=; b=iNz2/EiDKvIlFfx2bfO1xFQAkVdrT29oG/Q3+IeyOoYJ35FrE58od4soqG9BnMrBqZ FirjFaR7GzJza/x7mze5fTeFK9q53kfgpaJHgolu3zuMhBUL2ffAwuomdVUjJjrQb0LZ ziN/tMxaGS1OM2hw8LLuOGdoy9CQ+dEvsO2KRXKg3XzWhKQ0KCer2APBLCSW8Jd7vh6/ NKSSrIMi9HQQPVOlf4k6iT6hJFEQ0iew5BHaf9Yp63xS1fhO+OqUPxpl1uC9dbachT88 1wbiIlUM4wjf4UMzGXs/6Z+ZOPB0TDlPTOh0/krRz2SH+2eu+ZdUtnNHu6BQ0sFk4KGB A8+w== X-Gm-Message-State: ALoCoQnNWhx2AdyjEjlAfiHlqrIGAariFrvWUnm1yeVkQt3Z2pOD44vqDzFaP+SxTZXQqGII/hso X-Received: by 10.60.92.66 with SMTP id ck2mr6379834oeb.30.1424666915888; Sun, 22 Feb 2015 20:48:35 -0800 (PST) MIME-Version: 1.0 Received: by 10.182.224.197 with HTTP; Sun, 22 Feb 2015 20:48:15 -0800 (PST) In-Reply-To: References: From: Tom Mitchell Date: Sun, 22 Feb 2015 20:48:15 -0800 Message-ID: Subject: Re: [Cryptography] trojans in the firmware To: Peter Gutmann X-Mailman-Approved-At: Mon, 23 Feb 2015 12:37:24 +0000 Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 Cc: cpunks , freebsd-security@freebsd.org, "cryptography@metzdowd.com" , grarpamp , Henry Baker X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Feb 2015 04:54:41 -0000 On Sun, Feb 22, 2015 at 3:45 PM, Peter Gutmann wrote: > Henry Baker writes: > > >BTW, what's the point of AES encryption on this pre-p0wned device? More > >security theatre? > > Almost. Its sole use is for very fast "drive erasure", i.e. you change the > key and the data on it becomes inaccessible. Have a look > Yes... In addition it can be of value for a remote wipe. This is interesting with phone home software that then discovers it has been reported lost. A small handshake and one company might duck having to report a massive data breach. The single largest value is the release of devices that once lived in an interesting location and needs to be transported to a destruction location. Perhaps not national secrets but Amazon or Google compute center.. or pharma... or medical records. More valuable to RAID vendors than customers of RAID vendors as it can be used to limit vendor liability as they replace one rack with a new one and have to manage the trash. Someone once commented to me that NSA and TLAs like milling machines and the curie point of media. All must transport the device to be trashed. Some individuals in the early steps of the custody chain might like a quick wipe method. Some should mention the terrible handling of disks in copy machines. This could help in the decommission or service process but does not solve bankruptcy induced problems. -- T o m M i t c h e l l