Roy Keene (Contractor) wrote:
Thus if your workstation is in a significantly increased position of risk (i.e., you do not apply security patches, and are not on a network that blocks known-bad attackers, and there is no IDS/IPS) then any e-mail you send is at a significantly increased risk of being tampered with, and any encrypted transmission are at a significantly increased risk of being intercepted with.
This is only true if you're leaving the card in the reader. I would say don't do that; the card should only be inserted when the card is needed for an operation, limiting the window during which malicious code can piggyback an authenticated card session (or start its own).
Fundamentally this is a trusted path issue and is as true on managed as well as unmanaged machines. If you're interested in the problem, I recommend Balfanz & Felton's paper "Handheld computers can be better smart cards" as a starting point. (ObNameDrop: I was at USENIX SEC'99 where this paper was presented.)
Certainly, it still happens on a network that follows DISA guidelines, but it happens very infrequently and is almost always detected.
Isn't the illusion of security grand? ;) Seriously--as has been reported recently in the open media--there have been multiple, long-running intrusions into DoD networks that went undetected for months.
-- Tim
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
