I'm not an expert, I just know what I read, and I go by my instincts and
reasoning. Whether or not your question was lame or not, perhaps that's up
for discussion. Either way, that description might not have been the best
considered on my part.
To set the record straight, e-mail is almost _never_ a trusted path. I stand
by my opinion that I think your proposed buisness model is in need of serious
rework, and that attempting to provide secured hardware at low or not cost is
not an effective way to make money/provide reliable service. Please
understand that I'm not an expert in business either, but again, I know what
I know and I go by my instincts and reasoning.
Protecting your investment is a good thing, freely distributing your
investment doesn't seem like a great way to protect it, to me, anyway.
Perhaps you can add "Secrets and Lies" by Bruce Schneier to your reading
list. It might provide you with some insight into the trusted hardware
problem.
I do wish you the best of luck in your endeavour, however, and I hope that I
haven't irreprably offended you. And yeah, I'll try to be more cordial in the
future.
Alex
[EMAIL PROTECTED]
[EMAIL PROTECTED]
On Monday 25 June 2001 03:58 pm, Patrick Valsecchi wrote:
> Hi Alex
>
> Thank you for the "lame-ass question". I'm not a specialist in computer
> security, I'm just beginning to learn. I just asked this "lame-ass"
> question to have a feedback and see in what direction my studies must go.
> So, in the future try to be more compassionate with beginners, please.
>
> With the answers I've got from the mailing list, now I have:
> - List of books for this subject.
> - What would be my main problems.
> - Good starting points for my reflexions.
>
> Therefore, instead of being rude with me, you can give some other advice
> (books or ideas).
>
> For comming back on Christoph's mail, C will offer a good service. But for
> that C have to provide a good general purpose hardware. Even if you offer a
> good service, you'll always have people taking this good hardware for free
> while not using it with C products. Just imagine you own a tennis court and
> give rackets for free to your customers (marketing practice). People will
> just come to your company once and then go to another tennis court with the
> racket you gave them. Won't you try to protect yourself against that?
>
> Alex was right when he said the thread is dead. Now I have all the
> information I need to start to study on my own. Thanks for the helpfull
> answers you sent me.
>
> Have a good day.
>
> PS: If you (Alex) are a highly skilled person in security, could you
> explain me why I received this mail? Good demonstration of trusted path,
> isn't it?
>
> Quoting Alex Russell <[EMAIL PROTECTED]>:
> > I think the thread is dead. The orginal poster has been removed from
> > the
> > list (Dave does that to people who ask lame-ass questions).
> >
> > You're right, the business model he was proposing was all kinds of
> > dumb.
> > It's been tried before and works marginally (if at all). The guy didn't
> > have
> > a threat model in place, an acceptable attrition rate for hardware, or
> > a
> > real definition of what he wanted his hardware to be trusted
> > for/against. If
> > you can't trace a path of trust through a system, it's security value
> > is
> > dubious to say the least, and this guy didn't seem to understand what
> > a
> > trust path even implied.
> >
> > Alex
> > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]
> >
> > ----- Original Message -----
> > From: "Christoph Plattner" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>
> > Sent: Monday, June 25, 2001 4:28 PM
> > Subject: Re: MUSCLE Disk encryption and more
> >
> > > Ok, it's offtopic here, but I don't think, it is a good idea
> > > to use such policy. Why to protect such thing ??
> > >
> > > A good policy is to setup a box and to have a model earning
> > > money on services not on the boxes or the system (linux).
> > >
> > > The user can do what ever he/she wants to do, if the user
> > > disconfigured the system, it his personal problem. Or it is
> > > a good idea to do a protection (check) over the configuration.
> > >
> > > But the user has to pay for services, C offers ...
> > >
> > > With friendly regards
> > > Christoph P.
> > >
> > > Patrick Valsecchi wrote:
> > > > Hi
> > > >
> > > > My company is working for another company (let call it C) that is
> >
> > going
> > to
> >
> > > > provide Linux boxes to its customers. As C is going to give them
> >
> > free or
> > for a
> >
> > > > small fee, C doesn't want the customers to use the boxes for
> >
> > another
> > purpose
> >
> > > > that the one specified by C.
> > > >
> > > > C doesn't want the user to be able to:
> > > > - run another kernel than the one S provides
> > > > - run executables that have not been signed by authorized
> >
> > developpers
> > or that
> >
> > > > have been modified (signed executables)
> > > > - change or alter the dynamic libraries (signed .so files)
> > > > - have access to the binary of some executables (for avoiding
> >
> > reverse
> >
> > > > engineering)
> > > > - save a file and give the disk to a friend (encrypted files, but
> >
> > I
> > need to
> >
> > > > be fast on read and write, here)
> > > >
> > > > All that by using:
> > > > - a SmartCard
> > > > - a modified kernel
> > > > - a specialised hardware for encryption
> > > > - maybe a modified loader (lilo)
> > > >
> > > > And that mustn't be just simple tricks, we must protect those
> >
> > boxes
> > against
> >
> > > > very skilled hackers.
> > > >
> > > > Is there existing projects on those subjects? Is anybody already
> >
> > worked
> > on it?
> >
> > > > Thanks for your help.
> > > >
> > > > ---
> > > > -°) Patrick Valsecchi
> > > > /\\
> > > > _\_v
> > > > ***************************************************************
> > > > Linux Smart Card Developers - M.U.S.C.L.E.
> > > > (Movement for the Use of Smart Cards in a Linux Environment)
> > > > http://www.linuxnet.com/smartcard/index.html
> > > > ***************************************************************
> > >
> > > --
> > > -------------------------------------------------------
> > > private: [EMAIL PROTECTED]
> > > company: [EMAIL PROTECTED]
> > > ***************************************************************
> > > Linux Smart Card Developers - M.U.S.C.L.E.
> > > (Movement for the Use of Smart Cards in a Linux Environment)
> > > http://www.linuxnet.com/smartcard/index.html
> > > ***************************************************************
>
> ---
> -°) Patrick Valsecchi
> /\\
> _\_v
>
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************
