Guaranteeing running code is signed

Matthew Woehlke mw_triad at users.sourceforge.net
Tue May 12 19:54:20 UTC 2009


Basil Mohamed Gohar wrote:
> On 05/10/2009 09:31 PM, Krzysztof Halasa wrote:
>> Björn Persson writes:
>>> It's impossible to verify the security of a computer system from within the 
>>> system itself. If a malicious person may have had root access, then RPM, GPG, 
>>> SELinux and the auditing subsystem may all have been tampered with and you 
>>> can't trust that they tell you the truth. Reinstalling is the only way to be 
>>> sure.
>> Sure? Someone may have planted something in a motherboard flash ROM
>> (easy), in VGA flash, in CD/DVD flash, in HDD flash and/or "service"
>> sectors etc.
>>
>> You can't be 100% sure that brand-new hardware is clean.
> 
> Shift this register/logic enough in one direction, and it's going to
> overflow into "just trust everything"...

Indeed. (I've read stuff about military testing microchips to verify 
that the circuitry is correct. Forget flash, eeprom, even rom; do you 
trust the fab plant that built your CPU?)

-- 
Matthew
ENOWIT: .sig file for this machine not set up yet



