Dailydave mailing list archives

Re: "The organization I belong to doesn't have initials" (that evil dude in Heroes)


From: Dave Aitel <dave () immunityinc com>
Date: Thu, 16 Nov 2006 10:07:34 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

dan () geer org wrote:
 | I think the real point here is that the majority of people responsible
 | for security have a backwards mindset.  Most security practitioners
 | still don't make the assumption that everything is vulnerable and
 | design around it.  Of course IIS is vulnerable to an unpublished 0day.


so, should one write apps with the assumption that
they will be running on compromised hosts?

--dan

Which is exactly what a full Palladium install is. The hardware
separates processes from the OS in such a way that although the OS can
manage your process, it can't read your GPG secret key. The wacky
thing is, not only can you authenticate a process this way, but the
hypervisor can authenticate over the network too, which means you can
authenticate to www.buycrappymusic.com that you are running a
completely unmodified audio player which is spitting encrypted sound
all the way to the speakers.

So there's both good and bad here. GOOD: Attacker with SYSTEM can't
get my GPG key or read my email. BAD: RIAA owns me. GOOD: Thieves
can't get my credit card off my laptop. BAD: I can't do forensics on
the laptop because thief has encrypted his process memory. :>

- -dave

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFFXH60B8JNm+PA+iURAqgUAJ9zoYWJNUdZbwGZ7trcvOry/e6gfgCfc6j4
05IJ6bqbvrxh23Bv5DK1gRs=
=5RjK
-----END PGP SIGNATURE-----
