Jay D. Dyson writes: > -----BEGIN PGP SIGNED MESSAGE----- > > On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote: > > > > Yet another reason why Open Source is your friend. > > > > I did not mean to imply that I am running some variety of windows. I am > > interested in the technical problem of what is the state of the art for > > detecting whether or not a computer has been tampered with. The use of > > some version of un*x does not per se solve this. > > I'm afraid we're still in the "arms race" model in that respect. > Every time one party comes up with a new widget, another party quickly > follows with a widget-defeater. Then the original party releases an > updated widget with a widget-defeater-defeater feature. Then the opposing > party responds in kind. On and on it goes...like a dog chasing its tail. > > My original response handles the electronic portion of the > equation (though I do concede the point another writer made that all bets > are off when the day of the Backdoored BIOS arrives). If you mean only > the physical aspect of the equation, there are a number of tricks you can > use ranging from sealing a system with epoxy, locks and so on...or (for > those who dig Mission: Impossible stuff), boobytrapping a system to either > explode a dye-pack (like that used in banks) or commit digital seppuku if > an unauthorized party dicks with it. > > I must admit the dye-pack idea has a certain appeal to it. > Nothing would make my day like seeing some goons come out of my house with > bright Candy Apple Red faces.
I'm not actually worried about physical access at this point. Breaking and entering is a lot more difficult that hacking into a system, and frequently leaves evidence. More to the point, this is no different as a risk than that experienced whenever you use a physical ATM machine to access cash. My concern is with software access to a machine that is to be used in the same manner as an ATM. Paul --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]