From: Jonathan M Bresler
To: Mike Tancsa
Cc: freebsd-security@freebsd.org, Poul-Henning Kamp, "R. B. Riddick"
Date: Tue, 11 Jul 2006 17:22:34 -0400 (EDT)
Subject: Re: Integrity checking NANOBSD images
Message-ID: <20060711170817.X94314@newgate.bresler.org>
In-Reply-To: <6.2.3.4.0.20060711165223.04bce500@64.7.153.2>

> >A switch like on those 1.44'' floppy discs would be good...
> >But then software/OS updates would require physical access to the box...
>
> For this app, the problem is that there might indeed be physical
> tampering with the box despite some reasonable efforts to lock it up.

If the box is subject to tampering and not in a tamper-proof
container, then it may be impossible to know whether or not the device
has been tampered with or modified.

Seems to me that it would be possible to replace the device with one
that emulates its behavior or rather intercepts connections (using the
same ssh keys copied from the device) and relays the data on to the
device, relaying responses back to you, all the while copying the
cleartext data stream to another device.

Perhaps, you might consider setting it up so that if the box is opened
the flash is zapped.