Re: Full-Disclosure Digest, Vol 65, Issue 7

[Valdis.Kletnieks () vt edu]

On Mon, 05 Jul 2010 21:48:53 EDT, Mary and Glenn Everhart said:
> Might I suggest that in addition to discussing how to defend against 
> software attacks, that it is also useful to devise methods and protocols 
> that will function even where the systems being used to communicate are 
> infected with malware?

The consensus in the security world is that, in general, if a system has been
infected with sufficiently virulent malware, it's impossible to do *any*
reliable computing on it.  Consider a system with a keystroke logger on it -
anything you type is compromised the instant you hit the key. (And before you
say "how about a mouseable keyboard on the screen", I'll point out that some
banks have tried that, and it's already been pwned). Similar arguments hold for
any other function - if the attacker controls the vertical and horizontal,
you're basically screwed. So there's not been a lot of research on the topic
from the white-hat end. Most likely, you'll find most of the good work in this
area over in the black-hat world, as they're continually trying to find ways to
do reliable computing on a machine owned by the adversary.

There is a slim chance that with hardware assistance such as a smart
card, it may be possible to open up an encrypted communications session from
the smart card *through* the compromised system to an external endpoint.
However, such a card would have very limited ability to introspect the
system unless you expand the scope drastically - and at that point, you're
basically re-inventing the TPM chipset.

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/