[148347] in cryptography@c2.net mail archive
Re: [Cryptography] Kindle as crypto hardware
daemon@ATHENA.MIT.EDU (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_l)
Wed Dec 4 13:27:55 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <CAMm+LwghpHz6Wy6AMVTqUednC_FA-T-6+DRvmVH=0BzEVmQPew@mail.gmail.com>
From: =?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?= <l@odewijk.nl>
Date: Wed, 4 Dec 2013 14:39:03 +0100
To: Phillip Hallam-Baker <hallam@gmail.com>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============8964308123719903961==
Content-Type: multipart/alternative; boundary=001a11c2fcb8767acf04ecb58a64
--001a11c2fcb8767acf04ecb58a64
Content-Type: text/plain; charset=UTF-8
2013/12/4 Phillip Hallam-Baker <hallam@gmail.com>
> And very unlikely that anyone has backdoored the existing stocks.
>
Doesn't it carry Linux under it's skin? Regardless, what rights does Amazon
have? Doesn't it just include "read block level data"? It has WiFi or even
3G, whose chips themselves come with exploits. I'm little aware about
exploits to specific hardware chips.
I do think you could fry the WiFi, easily input messages, and use it as a
simple textual data storage device. You can even encrypt the data behind a
solid password.
It is a tad big for what you want it to be though.
I'd also need more info about your demands. It's also important to consider
redundant storage, which will be hard with a single Kindle. Having multiple
Kindles has it's own problems, especially because it's either a lot of work
or requires Internet. And Kindles break. Someone sat on mine at some point,
and it becomes instantly useless.
And, if you write your own software, why not build your own device? Take a
Raspberry or Arduino, a simple display (a non volatile one if you like) and
~30-40 of pushbuttons for a keyboard + controls (depends on what you want
with it). The Raspberry is open source more than most others, and might've
had sufficient scrutiny to find exploits on the hardware level (probably
not). The Arduino is build on such a simplistic little chip that it can
hardly have exploits, except where it's just a bad RNG and fully timeable
input. But you expect those. It takes a little wiring together, but it
should be on the simpler side of hardware projects. Order the parts of
digikey or the like, make the printboard on https://upverter.com/, order it
off of any local manufacturer (pay extra but actually get what you asked
for), solder that stuff on.
Tips on DIY hardware or tips on DIY hardware welcome.
--001a11c2fcb8767acf04ecb58a64
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">2013=
/12/4 Phillip Hallam-Baker <span dir=3D"ltr"><<a href=3D"mailto:hallam@g=
mail.com" target=3D"_blank">hallam@gmail.com</a>></span><br><blockquote =
class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-width:1=
px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:=
1ex">
<div>And very unlikely that anyone has backdoored the existing stocks.<br><=
/div></blockquote></div><br>Doesn't it carry Linux under it's skin?=
Regardless, what rights does Amazon have? Doesn't it just include &quo=
t;read block level data"? It has WiFi or even 3G, whose chips themselv=
es come with exploits. I'm little aware about exploits to specific hard=
ware chips.</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">I do think =
you could fry the WiFi, easily input messages, and use it as a simple textu=
al data storage device. You can even encrypt the data behind a solid passwo=
rd.</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">It is a tad=
big for what you want it to be though.</div><div class=3D"gmail_extra"><br=
></div><div class=3D"gmail_extra">I'd also need more info about your de=
mands. It's also important to consider redundant storage, which will be=
hard with a single Kindle. Having multiple Kindles has it's own proble=
ms, especially because it's either a lot of work or requires Internet. =
And Kindles break. Someone sat on mine at some point, and it becomes instan=
tly useless.</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">And, if you=
write your own software, why not build your own device? Take a Raspberry o=
r Arduino, a simple display (a non volatile one if you like) and ~30-40 of =
pushbuttons for a keyboard + controls (depends on what you want with it). T=
he Raspberry is open source more than most others, and might've had suf=
ficient scrutiny to find exploits on the hardware level (probably not). The=
Arduino is build on such a simplistic little chip that it can hardly have =
exploits, except where it's just a bad RNG and fully timeable input. Bu=
t you expect those. It takes a little wiring together, but it should be on =
the simpler side of hardware projects. Order the parts of digikey or the li=
ke, make the printboard on=C2=A0<a href=3D"https://upverter.com/">https://u=
pverter.com/</a>,=C2=A0order it off of any local manufacturer (pay extra bu=
t actually get what you asked for), solder that stuff on.</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">Tips on DIY=
hardware or tips on DIY hardware welcome.</div><div class=3D"gmail_extra">=
<br></div></div>
--001a11c2fcb8767acf04ecb58a64--
--===============8964308123719903961==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============8964308123719903961==--
