On 4/20/05, Stewart Stremler <[EMAIL PROTECTED]> wrote:
> begin quoting Rachel Garrett as of Wed, Apr 20, 2005 at 12:05:15PM -0700:
> > On 4/20/05, Stewart Stremler <[EMAIL PROTECTED]> wrote:
> [snip]
> > > And how does it protect your data?
> > >
> > > ("By preventing a compromise of the OS." is not an acceptable answer.)
> >
> > Why not? I have a hard time imagining a way for a system to protect
> > data without protecting the OS. (In a sense, isn't it all just data?)
>
> That's more-or-less the wrong way round.
>
> What good is protecting the OS if you don't protect the data?

How do you protect the data? That's what I want to know. You wanted
Tracy to give an example of how SELinux protected his data, but not to
say it protects his data by protecting his OS. So I'm asking how an
operating system could conceivably protect data, in a way that cannot
be construed as "protecting the OS."

> And yes, it's all data, but the OS data is easy to get back. User data
> isn't. So why worry about the data that's easy to get back?

Because you might not know it's "gone" (i.e., compromised) in the
first place. So you might do things in the meantime that would
compromise your user data.
>
> > Even if you had a system that automatically encrypted data when you
> > saved it, someone who had compromised your OS could conceivably
> > replace that chunk of code with their own "encryption" scheme,
> > couldn't they?
>
> If you're running in a single-user mode, they'll compromise you on the
> way to compromising the OS. And there goes the security for your data.

But if you're running as root, you're making it easy for them to
compromise your data *on an ongoing basis.* It's harder for them to
cover their tracks if you were running as something other than root. I
know I'm not telling you anything new, but I don't understand why
that's not an argument against a single user running as root.

> But an encrypted disk is an interesting idea. How do you keep the
> intruder, who has compromised your account, from intercepting your
> password/passphrase and gaining access to your data?

You can't. Encrypting the data was the only thing that came to my mind
that could be classified as "protecting data," not "protecting the
OS." And I was saying that even with encrypted (protected) data, it's
not really protected if the attacker got access to the OS.

> If there were a way to provide the key out-of-band, perhaps... and
> keep programs from getting at it. Except when you want them to.

Sony filed a patent for a device that would use targeted
electromagnetic impulses to alter neuronal firing patterns in specific
parts of your brain, allowing you to "smell" and "feel" games, movies,
etc. But it's not even in development yet, and I think it will be a
while before they go the other way and try to get your computer to
read your mind.
--Rachel
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list