[147826] in cryptography@c2.net mail archive
Re: [Cryptography] programable computers inside our computers
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Wed Oct 23 13:53:21 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <201310230111.r9N1BVqQ023794@new.toad.com>
Date: Wed, 23 Oct 2013 09:53:49 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: John Gilmore <gnu@toad.com>
Cc: Ruben Pollan <meskio@sindominio.net>,
Viktor Dukhovni <cryptography@dukhovni.org>, Tom Ritter <tom@ritter.vg>,
"cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============3855733548344464443==
Content-Type: multipart/alternative; boundary=001a11c3fe90c412f904e968d8da
--001a11c3fe90c412f904e968d8da
Content-Type: text/plain; charset=ISO-8859-1
On Tue, Oct 22, 2013 at 9:11 PM, John Gilmore <gnu@toad.com> wrote:
> > >> We thought embedded devices were for physical infrastructure
> > >> engineers to worry about, but now they are proliferating inside
> > >> our general purpose computers. The next Stuxnet will run on one
> > >> of the invisible computers inside your computer.
>
> It is probably ALREADY running there.
>
> With regard to the invisible single-chip computer that sits on every
> server's motherboard (thanks, you idiots at Intel), I can't say it any
> better than Dan Farmer:
>
> IPMI: Express Train to Hell, v2.0
> dan farmer/zen@trouble.org
> http://fish2.com/ipmi/itrain-gz.pdf
All I want from a trusted computing base is the ability to store private
keys and make use of them in a way that prevents them being extracted by an
attacker without physical access to the machine and reasonably advanced
equipment.
The ability to tell a server to reboot remotely and to only load the O/S
image that I authorized would also be useful. In a very large installation
I might want the ability to drop ship the machine and have it boot from the
network the first time.
Instead we get...
None of these functions would be useful to me unless they were part of an
open standard because however good one vendor's tools are, the cost of lock
in is never acceptable.
--
Website: http://hallambaker.com/
--001a11c3fe90c412f904e968d8da
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Tue, Oct 22, 2013 at 9:11 PM, John Gilmore <span dir=3D"ltr"><=
;<a href=3D"mailto:gnu@toad.com" target=3D"_blank">gnu@toad.com</a>></sp=
an> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">> >> We thought embedded devices we=
re for physical infrastructure<br>
> >> engineers to worry about, but now they are proliferating insi=
de<br>
> >> our general purpose computers. =A0The next Stuxnet will run o=
n one<br>
> >> of the invisible computers inside your computer.<br>
<br>
It is probably ALREADY running there.<br>
<br>
With regard to the invisible single-chip computer that sits on every<br>
server's motherboard (thanks, you idiots at Intel), I can't say it =
any<br>
better than Dan Farmer:<br>
<br>
=A0 IPMI: Express Train to Hell, v2.0<br>
=A0 dan farmer/<a href=3D"mailto:zen@trouble.org">zen@trouble.org</a><br>
=A0 <a href=3D"http://fish2.com/ipmi/itrain-gz.pdf" target=3D"_blank">http:=
//fish2.com/ipmi/itrain-gz.pdf</a></blockquote><div><br></div><div>All I wa=
nt from a trusted computing base is the ability to store private keys and m=
ake use of them in a way that prevents them being extracted by an attacker =
without physical access to the machine and reasonably advanced equipment.=
=A0</div>
<div><br></div><div>The ability to tell a server to reboot remotely and to =
only load the O/S image that I authorized would also be useful. In a very l=
arge installation I might want the ability to drop ship the machine and hav=
e it boot from the network the first time.</div>
<div><br></div><div>Instead we get...</div><div>=A0</div></div><div class=
=3D"gmail_extra"><br></div><div class=3D"gmail_extra"><br></div>None of the=
se functions would be useful to me unless they were part of an open standar=
d because however good one vendor's tools are, the cost of lock in is n=
ever acceptable.<br clear=3D"all">
<div><br></div>-- <br>Website: <a href=3D"http://hallambaker.com/">http://h=
allambaker.com/</a><br>
</div></div>
--001a11c3fe90c412f904e968d8da--
--===============3855733548344464443==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============3855733548344464443==--
