One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 5812291 |
| Date de publication | 2022-07-18 16:45:38 (vue: 2022-07-18 05:05:34) |
| Titre | Skyscraper of cards |
| Texte |  Having put it off for far too long, I'm belatedly trying to catch up with some standards work in the area of Root of Trust, which for me meant starting with the basics, studying simple introductory articles about RoT.As far as I can tell so far, RoT is a concept - the logical basis, the foundation on which secure IT systems are built.'Secure IT systems' covers a huge range. At the high end are those used for national security and defence purposes, plus safety- and business-critical systems facing enormous risks (substantial threats and impacts). At the low end are systems where the threats are mostly accidental and the impacts negligible - perhaps mildly annoying. Not being able to tell precisely how many steps you've taken today, or being unable to read this blog, is hardly going to stop the Earth spinning on its axis. In fact' mildly' may be overstating it.'Systems' may be servers, desktops, portables and wearables, plus IoT things and all manner of embedded devices - such as the computers in any modern car or plane controlling the engine, fuel, comms, passenger entertainment, navigation and more, or the smart controller for a pacemaker Trust me, you don't want your emotionally disturbed ex-partner gaining anonymous remote control of your brakes, altimeter or pacemaker.In terms of the layers, we the people using IT are tottering precariously on the top of a house of cards. We interact with application software, interacting with the operating system and, via drivers and microcode, the underlying hardware. A 'secure system' is a load of software running on a bunch of hardware, where the software has been designed to distrust the users and administrators, other software and the hardware, all the way down to, typically, a Hardware Security Module, Trusted Platform Module or similar dedicated security device, subsystem or chip. Ironically in relation to RoT, distrust is the default, particularly for the lower layers unless/until they have been authenticated - but there's the rub: towards the bottom of the stack, how can low-level software be sure it is interacting with and authenticating the anticipated security hardware if all it can do is send and receive signals or messages? Likewise, how can the module be sure it is interacting with the appropriate low-level software? What prevents a naughty bit of software acting as a middleman between the two, faking the expected commands and manipulating the responses in order to subvert the authentication controls? What prevents a nerdy hacker connecting logic and scope probes to the module's ports in order to monitor and maybe inject signals - or just noise to see how well the system copes? How about a we |
| Envoyé | Oui |
| Condensat | at having that 27070:2021 able abort about access accidental acting added addresses administrators again all also altimeter ambient analyse annoying anonymous anticipated any application appointed appropriate are area articles assembly atm attacks attempt attempting authenticated authenticating authentication axis backdoors bank basics basis been before being belatedly between bit blog both bottom brakes brute built bunch business but can car cards catch channel cheat chip cloud cluster coded codes coming commands comms computer computers computing concept connecting control controller controlling controls copes could coupled covers critical crooks crypto cryptography debugging decapsulate dedicated default defence design designed desktops despite destroys developing device devices disable distrust disturbed don down drivers dynamic earth electron embedded emotionally encryption end engine enormous entertainment even expected extra facing fact failing fairly faking far fascination figuring finding floors force foundation fuel further gaining global going good hacker hackers hard hardly hardware hardware/electronic has have having head high hope house how huge hurts idiot imagine impacts impossible in inject inner inscrutable insider install interact interacting internet introductory iot ironically iso/iec its itself jtag just key know knowledge knows layers least level likewise limiting line load locate logic logical long loose low lower make manipulating manner many may maybe meant measure mechanisms messages microcode microscope middleman mildly missile modern module monitor monitoring more mostly mount must national naughty navigation negligible nerdy noise not now nuclear oblivion off open operating order other out overstating pacemaker painstakingly particularly partner passenger people perhaps physical physically plane platform plus portables ports possibility possibly power precariously precisely prevents primary probes process processes processor producing products purposes put range rate read receive relation remote responses reveal risks root rot rub: running sacrificing safety say scope secret secrets secure securing security see send servers several sharing shipping side signals silicon similar simple skyscraper smart software some somehow someone spinning spooks spring stack standards start starting steps stop studying substantial subsystem subvert such supply sure surely system systems taken taking team tell temperature temptation terms testing them there things think those threats today too top tottering tough towards tpm trapdoors tries tripping tripwires trust trusted trying two typically ultimately unable under underlying unless/until use used users using vertigo virtual virtually wafer want warhead way wearables well what where which who within without work wrong you your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.