Hi Torin, A smart-card is a hundred times "smarter" than a TPM. Many GSM phones today already deploy U-SIM chips, which are smart cards.
Perhaps Android can make use of this underlying hardware (assuming it is present). /thomas/ On Tue, Nov 3, 2009 at 11:02 AM, Torin Walker <[email protected]> wrote: > I am serious about finding an answer, but I am forced to work with > devices in the field which means, at least for the present, no TPM at > my disposal. > > Though theoretically a kernel could produce whatever values it wants > through /dev/mds/mds1,2, one could trust it to the point that an > attacker would have to perform some minor surgery on the kernel if he > were to spoof the values from a legitimate one. While it's not > foolproof, it does increase the complexity of overriding the security > inherent in performing a hash on the bootloader and kernel values, > which adds *some* level of additional security against casual script- > kiddie attacks. (Unless the script kiddie has an Uncle Torvalds, of > course.) > > This brings me back to my original supposition that I should like to > perform a signature on the stream that comes from /dev/mds/mds1,2, > which I seem unable to do. I assume that if one can back up the > bootloader and kernal images merely by > > cp /dev/mds/mds1 /tmp/bootloader_image.backup > cp /dev/mds/mds2 /tmp/kernel_image.backup > > it stands to reason that I should be able to run the file through an > MD5 or other suitable checksum. Doesn't it? If so, why does it crash > so heinously? > > I'm in the process of git'ting the Android cupcake kernel so I can > wade through the /dev/mds/mds* code to see why my assumption has > failed. With any luck, someone here will shortcut my efforts with an > explanation. > > > Torin... > -- > > On Nov 2, 7:59 pm, "[TH]" <[email protected]> wrote: > > This is the Root of Trust (ROT) question, which seems > > to be asked again and again. (e.g. how do I know the pre-boot > > environment and the loader have not been tampered with, etc etc). > > > > If you are serious about seeking an answer, > > I would suggest looking at the work of the folks > > in the Trusted Computing Group (TCG), in particular > > on using the TPM hardware as a root of trust. > > > > And no, the TCG and TPM is not about DRM :-) > > > > /thomas/ > > hardjono[at]mit.edu > > > > On Nov 1, 5:12 pm, Torin Walker <[email protected]> wrote: > > > > > > > > > I'm looking for a way to authenticate the bootloader and kernel images > > > to ensure the OS has not been tampered with from some factory default. > > > > > One way I imagined doing this is to perform a cryptographic hash on > > > > > /dev/mtd/mtd1 (bootloader image), and > > > /dev/mtd/mtd2 (kernel image), > > > > > but opening up either of these devices into a CheckedInputStream (for > > > CRC32 validation, for example) results in an enormous crash. Not only > > > does the device stop responding, but the android debug bridge crashes > > > and no longer recognizes any attached devices until Windows Vista (go > > > figure) is rebooted. > > > > > Can anyone suggest a better method for validating that the Operating > > > System has not changed (i.e. The bootloader and kernel are factory > > > defaults?) > > > > > Torin...- Hide quoted text - > > > > - Show quoted text - >
