[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Cryptography] You can't trust any of your hardware



----- Forwarded message from ianG <[email protected]> -----

Date: Mon, 04 Aug 2014 11:31:39 +0100
From: ianG <[email protected]>
To: [email protected]
Cc: Jerry Leichter <[email protected]>
Subject: Re: [Cryptography] You can't trust any of your hardware
Message-ID: <[email protected]>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0

On 4/08/2014 03:28 am, Jerry Leichter wrote:
> On Aug 2, 2014, at 8:54 PM, Nemo <[email protected]> wrote:
>>> How many USB devices have ever been patched after sale?
...
> There are few sharp lines here, but there is a very broad, very heavily populated, set of "USB devices" that we commonly look at as having fixed functions based on code that will never be changed.  USB memory sticks are extremely cheap and produced in the hundreds of millions.  No one thinks of them as active devices.  And yet ... they are.  They contain significant processing power running non-trivial code - and that code can be replaced.  That's the big message here.  Yes, obvious in retrospect - but how much have *you* thought about defenses against legitimate memory sticks from major manufactures that have had their standard firmware replaced with attack code?

In CAcert we used the USB memory sticks for sneaker-packets in
key-signing ceremonys, and for later escrow.  We use 2 for each.  They
are to be purchased at a random retail street store on the day.  Those
not escrowed are destroyed afterwards.

We might need to rethink the approach, perhaps with open source designs?



iang
_______________________________________________
The cryptography mailing list
[email protected]
http://www.metzdowd.com/mailman/listinfo/cryptography

----- End forwarded message -----