Full Disclosure mailing list archives
Re: Full-Disclosure Digest, Vol 65, Issue 7
From: Valdis.Kletnieks () vt edu
Date: Mon, 05 Jul 2010 23:15:19 -0400
On Mon, 05 Jul 2010 21:48:53 EDT, Mary and Glenn Everhart said:
Might I suggest that in addition to discussing how to defend against software attacks, that it is also useful to devise methods and protocols that will function even where the systems being used to communicate are infected with malware?
The consensus in the security world is that, in general, if a system has been infected with sufficiently virulent malware, it's impossible to do *any* reliable computing on it. Consider a system with a keystroke logger on it - anything you type is compromised the instant you hit the key. (And before you say "how about a mouseable keyboard on the screen", I'll point out that some banks have tried that, and it's already been pwned). Similar arguments hold for any other function - if the attacker controls the vertical and horizontal, you're basically screwed. So there's not been a lot of research on the topic from the white-hat end. Most likely, you'll find most of the good work in this area over in the black-hat world, as they're continually trying to find ways to do reliable computing on a machine owned by the adversary. There is a slim chance that with hardware assistance such as a smart card, it may be possible to open up an encrypted communications session from the smart card *through* the compromised system to an external endpoint. However, such a card would have very limited ability to introspect the system unless you expand the scope drastically - and at that point, you're basically re-inventing the TPM chipset.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Full-Disclosure Digest, Vol 65, Issue 7 Mary and Glenn Everhart (Jul 05)
- Re: Full-Disclosure Digest, Vol 65, Issue 7 Valdis . Kletnieks (Jul 05)