Date: Tue, 5 Jan 1999 07:53:36 +1100 From: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au> To: current@FreeBSD.ORG Subject: Re: New boot blocks for serial console ... Message-ID: <99Jan5.075256est.40325@border.alcanet.com.au>
next in thread | raw e-mail | index | archive | help
"Jordan K. Hubbard" <jkh@zippy.cdrom.com> wrote: >> They will guarantee that you will not get access to anything in >> the computer. Last perimeter will inject 220V (mains) through >> vital bits of the computer (including your flash disk) if broken. > >I'm curious how many codicils there are in their contract about >"tamper-proof", however. Probably no more than the software vendor puts in theirs :-). > Let's suggest, for example, that the mains >power is cut first The energy required to adequately fry the semiconductors could be easily stored in capacitors within the box - and even rigged to trigger immediately if the mains disappears (maybe only if the appropriate incantation is not provided beforehand). > If they can remove the flash disk, they've pretty >effectively compromised the data Alternatively, you store the data in volatile RAM. That means the attacker has to maintain power to the RAM whilst removing power from the defenses/offenses. EFTPOS PINpads normally have the DES key stored in volatile RAM inside an epoxy blob with the power wires woven through it to discourage copying. (Against which, I've seen an interesting article (maybe in comp.risks) about volatile RAM having sufficient remanence to allow most of the key to be recovered anyway). Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?99Jan5.075256est.40325>