Re: IBM to built crypto-on-a-chip into all its PCs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 29 Sep 1999, William H. Geiger III wrote: If you do not trust the crypto processor then you should throw the whole machine out - there are *so* many other ways that IBM could have compromised the system. So you suggest the head in the sand approach? There are so many different ways a system can be compromised so we will just ignore them all? Surely you are not naive enough to blindly trust someone's crypto black box just because they say it's secure? Surely you are not naive enough to blindly trust someone's black box of a CPU just because they say it is not contain trapdoors? This applies even more so for operating systems. Have you audited every line of Warp 4.0? Of course not, but you are willing to rant about the alleged insecurity of a crypto chip by the very same vendor. You don't see the inconsistency? Regards, Damien Miller - -- | "Bombay is 250ms from New York in the new world order" - Alan Cox | Damien Miller - http://www.ilogic.com.au/~dmiller | Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work) -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.0 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE38t6QormJ9RG1dI8RAguOAKCa5hMRymU0i+dq31qR/Vseobmc8gCfegXY 80q/C5xn1dVVDcBNoSJ4yoU= =8iQs -END PGP SIGNATURE-
Re: IBM to built crypto-on-a-chip into all its PCs
In v04210101b41578834ee3@[204.167.100.139], on 09/27/99 at 03:41 PM, Robert Hettinga [EMAIL PROTECTED] said: Probably IBM will first want to see how attractive the technology is to punters. At least the approach of using an ancillary encryption chip should keep IBM safe from the nightmare Intel faced when it attempted to railroad CPU ID numbers on users. No Code == No Trust! This has all the security/trust problems that Intel's RNG does and more. I wouldn't touch this thing with a ten foot poll. --- William H. Geiger III http://www.openpgp.net Geiger ConsultingCooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP MR/2 the only way for secure e-mail. OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii Hi Jeff!! :) ---
Re: IBM to built crypto-on-a-chip into all its PCs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 28 Sep 1999, William H. Geiger III wrote: In v04210101b41578834ee3@[204.167.100.139], on 09/27/99 at 03:41 PM, Robert Hettinga [EMAIL PROTECTED] said: Probably IBM will first want to see how attractive the technology is to punters. At least the approach of using an ancillary encryption chip should keep IBM safe from the nightmare Intel faced when it attempted to railroad CPU ID numbers on users. No Code == No Trust! This has all the security/trust problems that Intel's RNG does and more. I wouldn't touch this thing with a ten foot poll. I don't see what this paranoia gains you. If you do not trust the crypto processor then you should throw the whole machine out - there are *so* many other ways that IBM could have compromised the system. This is doubly interesting given you choice of operating system (as mentioned in your .sig). Regards, Damien Miller - -- | "Bombay is 250ms from New York in the new world order" - Alan Cox | Damien Miller - http://www.ilogic.com.au/~dmiller | Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work) -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.0 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE38r9IormJ9RG1dI8RAlKbAJ0ZfyuIjjyJ8MYfD0K5r/c/ieHtQwCggqcf Iu2q9DmK5cLmtKSUWceJras= =Ok+o -END PGP SIGNATURE-
