Date: Sun, 30 Jul 2006 17:08:38 -0600 From: Brett Glass <brett@lariat.net> To: Jonathan M Bresler <jmb@bresler.org>, Mike Tancsa <mike@sentex.net> Cc: freebsd-security@freebsd.org, Poul-Henning Kamp <phk@phk.freebsd.dk>, "R. B. Riddick" <arne_woerner@yahoo.com> Subject: Re: Integrity checking NANOBSD images Message-ID: <7.0.1.0.2.20060730165700.0948e898@lariat.net> In-Reply-To: <20060711170817.X94314@newgate.bresler.org> References: <77192.1152649343@critter.freebsd.dk> <20060711204521.80198.qmail@web30304.mail.mud.yahoo.com> <6.2.3.4.0.20060711165223.04bce500@64.7.153.2> <20060711170817.X94314@newgate.bresler.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 03:22 PM 7/11/2006, Jonathan M Bresler wrote: >If the box is subject to tampering and not in a tamper-proof container, >then it may be impossible to know whether or not the device has been >tampered with or modified. It's true. Any attacker with sufficient knowledge of what you were doing and sufficient motivation could spoof the correct response. And of course relying upon the attacker not knowing what you're doing is "security by obscurity," which often works but might not provide the level of confidence you want. It occurs to me that there are two ways to deal with this sort of problem. One way is to make it unrewarding for the attacker to hack the boxes. The other is to make it too logistically difficult for the attacker to bother. For example, you could have two or more boxes in the same area checking one another in a sort of "tag team" arrangement. The communications links from all of them back to you might be slow, but the links between them could be lightning fast. If something odd happened (e.g. one of them suddenly did not respond or acted funny even for a millisecond) one or more of them could sound the alarm. The expense and difficulty of hacking them all simultaneously would go up exponentially with the number of "team mates." --Brett Glass
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7.0.1.0.2.20060730165700.0948e898>