On Wed, Oct 06, 2010 at 12:55:18PM +1300, Robert Collins wrote:
> On Wed, Oct 6, 2010 at 12:49 PM, Kees Cook <kees.c...@canonical.com> wrote:
> > TCB isn't seriously even on the horizon yet. And it doesn't really help
> > this situation either.
> >
> > Or, alternatively: /me runs screaming from TCB
>
> Ok, so in all seriousness - see back a few messages in the thread
> where I put up a strawman for what we might *aim* at. I'd love it if
> you could alter that to make sense - not shying from Big Things, but
> going in a sensible direction.
>
> Then we can look at how to build up to it, including plumbing changes etc.

I believe TCB to be so unrealistic a goal as to basically ignore that it
exists at all. The prerequisites are pretty extreme:

 1) everyone has TCB-capable hardware (TPM is more and more common, but
    far from ubiquitous).
 2) the boot loader supports it (at present, the grub developers are
    fundamentally against any TCB support at any time ever).
 3) the kernel itself is actively hardened from attack (getting PaX into
    the Ubuntu kernel will likely be a decade-long effort).
 4) everyone's primary OS partition is encrypted and re-measured every
    time any executable software is installed. This, in itself, is an
    extremely hard to manage problem, but without the stuff above it,
    useless to go after.

Only after all that is in place is there a chance to depend on TCB
infrastructure to avoid tampering of your application.

Don't get me wrong, I'd like to see it just so I can be sure the kernel
and OS I'm running are, in fact, what I think they are, but the ways TCB
can be used for evil are scary (see grub authors). I'm not quite there
yet, but many believe TCB and free software to be fundamentally
incompatible given how TCB continues to be implemented by hardware
manufacturers.

-Kees

-- 
Kees Cook
Ubuntu Security Team