At 04:20 30/12/2003, David Wagner wrote:
Ed Reed wrote:
>There are many business uses for such things, like checking to see
>if locked down kiosk computers have been modified (either hardware
>or software),

I'm a bit puzzled why you'd settle for detecting changes when you
can prevent them.  Any change you can detect, you can also prevent
before it even happens.
<skip>
I'm not sure I agree with your last statement. Consider a typical PC running some insecure OS and/or applications, which, as you said in an earlier post, is the typical situation and threat. Since the OS is insecure and/or (usually) gives administrator privileges to insecure applications, an attacker may be able to gain control and then modify some code (e.g. install trapdoor). With existing systems, this is hard to prevent. However, it may be possible to detect this by some secure monitoring hardware, which e.g. checks for signatures by the organization's IT department on any installed software. A reasonable response when such a violation is detected/suspected is to report to the IT department (`owner` of the machine).


On the other hand I fully agree with your other comments in this area and in particular with...
...
Summary: None of these applications require full-strength
(third-party-directed) remote attestation.  It seems that an "Owner
Override" would not disturb these applications.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
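
The detection approach described in the reply above, as an added Go example that is not part of the original thread: a monitor holding only the IT department's public key checks a signature on each installed file and returns the violations to report to the owner, without blocking anything. The Ed25519 scheme, the path-plus-hash message format, and the names `Installed`, `Sigs`, `Sign` and `Audit` are assumptions for illustration; the key and file contents are constructed, and the monitor is assumed to run outside the control of the insecure OS.

```go
package main
import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"sort"
)

// Installed: path -> file contents. Sigs: path -> IT signature (hypothetical types).
type Installed map[string][]byte
type Sigs map[string][]byte

// signedMsg binds the path to the content hash, so a signature issued for
// one file cannot be reused to vouch for a different path.
func signedMsg(path string, content []byte) []byte {
	d := sha256.Sum256(content)
	return append(append([]byte(path), 0), d[:]...)
}

// Sign is what the IT department runs offline when it approves a file.
func Sign(priv ed25519.PrivateKey, path string, content []byte) []byte {
	return ed25519.Sign(priv, signedMsg(path, content))
}

// Audit is the monitor: public key only, changes nothing, returns the report.
func Audit(pub ed25519.PublicKey, inst Installed, sigs Sigs) []string {
	var report []string
	for path, content := range inst {
		sig, ok := sigs[path]
		switch {
		case !ok:
			report = append(report, "unsigned: "+path)
		case !ed25519.Verify(pub, signedMsg(path, content), sig):
			report = append(report, "modified: "+path)
		}
	}
	sort.Strings(report)
	return report
}

func main() {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed demo key
	inst := Installed{"/bin/login": []byte("login v1"), "/bin/sh": []byte("sh v1")}
	sigs := Sigs{}
	for p, c := range inst {
		sigs[p] = Sign(priv, p, c)
	}
	inst["/bin/login"] = []byte("login v1 + trapdoor") // changed after signing
	inst["/tmp/tool"] = []byte("dropped file")         // never approved
	fmt.Println(Audit(priv.Public().(ed25519.PublicKey), inst, sigs))
}
```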
