Re: remote-attestation is not required (Re: The bank fraud blame game)
I think you misread what I said about BIOS jumper required install. Ie this is not a one click install from email. It is something one user in 10,000 would even install at all! It would be more like people who program and install custom BIOSes or something, people who reverse-engineer security products. Point is to allow audit of running code by a few paranoid people to keep things honest. The whole point of the separate program space is that it DOES NOT get infested with viruses like windows does. The software running in it will be very very simple, have minimal UI, minimal code etc. Obviously there would be no software connection between anything received in email and changing the software in the physical or virtual software compartment. Adam On Tue, Jul 03, 2007 at 05:53:19PM -, John Levine wrote: I do not believe the mentioned conflict exists. The aim of these calculator-like devices is to make sure that no malware, virus etc can create unauthorized transactions. The user should still be able to debug, and inspect the software in the calculator-like device, or virtual software compartment, just that installation of software or upgrades into that area should be under direct explicit user control. (eg with BIOS jumper required to even make any software change!) In view of the number of people who look at an email message, click on an attached ZIP file, rekey a file password in the message, and then run the program in the file, thereby manually installing a virus, it's way too dangerous to let users install any code at all on a security device. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
remote-attestation is not required (Re: The bank fraud blame game)
I do not believe the mentioned conflict exists. The aim of these calculator-like devices is to make sure that no malware, virus etc can create unauthorized transactions. The user should still be able to debug, and inspect the software in the calculator-like device, or virtual software compartment, just that installation of software or upgrades into that area should be under direct explicit user control. (eg with BIOS jumper required to even make any software change!) The ring -1 and loss-of-control aspects of TPM are different, they are saying that you are not really root on your own machine anymore! In the sense that if you do load under a debugger the remote party can tell this and refuse to talk with you. This remote attestation feature is simply not required for user-centric, user-controlled security. Adam On Sun, Jul 01, 2007 at 11:09:16PM -0400, Leichter, Jerry wrote: | something like a palm pilot, with screen and input and a reasonably | trustworthy OS, along with (as you say) the appropriate UI investment. You do realize that you've just come down to what the TPM guys want to build? (Of course, much of the driving force behind having TPM comes from a rather different industry. We're all happy when TPM can be used to ensure that our banking transactions actually do what the bank says it will do for a particular set of instructions issued by us and no one else, not so happy when they ensure that our music transactions act the same way) Realistically, the only way these kinds of devices could catch on would be for them to be standardized. No one would be willing to carry one for their bank, another for their stock broker, a third for their mortgage holder, a fourth for their credit card company, and so on. But once they *are* standardized, almost the same potential for undesireable uses appears as for TPM's. What's to prevent the movie download service requiring that you present your Universal Safe Access Fob before they authorize you to watch a movie? If the only significant differences between this USAF and TPM is that the latter is more convenient because more tightly tied to the machine, we might as well have the convenience. (This is why I find much of the discussion about TPM so surreal. The issue isn't the basic technology, which one way or another, in some form, is going to get used. It's how we limit the potential misuses) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: remote-attestation is not required (Re: The bank fraud blame game)
Adam Back [EMAIL PROTECTED] writes: I do not believe the mentioned conflict exists. The aim of these calculator-like devices is to make sure that no malware, virus etc can create unauthorized transactions. The user should still be able to debug, and inspect the software in the calculator-like device, or virtual software compartment, just that installation of software or upgrades into that area should be under direct explicit user control. (eg with BIOS jumper required to even make any software change!) The ring -1 and loss-of-control aspects of TPM are different, they are saying that you are not really root on your own machine anymore! In the sense that if you do load under a debugger the remote party can tell this and refuse to talk with you. I agree with Adam that the unique and defining aspect of TPM technology is this property that users can prove their machine state without being able to lie about it (modulo hardware attacks etc). This can easily work to the user's detriment - lying is often useful - but could sometimes be to the user's advantage as well - being able to provably tell the truth is useful too. In the case of bank security, the question is whether there is any point in trying to keep users from being able to falsify information about their system configuration and software status. Generally, the user has no incentive to do so. The question is whether attackers could somehow exploit the ability of users to make undetected changes to their secure computing base via social engineering and similar hacks. In the case of the calculator-like device, for example, if it is fully reprogrammable by the user, is there a risk that he could be fooled into hooking it up to his computer in that mode and letting attackers change its workings? Or in the case of a TPM-like chip with an owner override, could he be manipulated into using the override so as to make fake banking software look real? Such questions have two sides to them: the case of a user who does get fooled into taking these actions and is harmed by them; and the case of a user who merely pretends to have gotten tricked like this in order to escape liability for transactions he truly did originate. Defending against the latter class of frauds may give the bank incentive to prefer systems where users cannot override their security, so as to reduce the chance of false repudiations. Looking at the system as a whole, then, there may indeed be a case for financial security systems that cannot be overridden by end users. If such measures reduce the overall costs of fraud in the system, then users do benefit at least indirectly from giving up this degree of control. Sometimes in life, paradoxically, you do better by being able to give up certain options, in a verifiable way. TPM technology's benefits to the user would arise from such paradoxical situations. Hal Finney - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: remote-attestation is not required (Re: The bank fraud blame game)
I do not believe the mentioned conflict exists. The aim of these calculator-like devices is to make sure that no malware, virus etc can create unauthorized transactions. The user should still be able to debug, and inspect the software in the calculator-like device, or virtual software compartment, just that installation of software or upgrades into that area should be under direct explicit user control. (eg with BIOS jumper required to even make any software change!) In view of the number of people who look at an email message, click on an attached ZIP file, rekey a file password in the message, and then run the program in the file, thereby manually installing a virus, it's way too dangerous to let users install any code at all on a security device. R's, John PS: Yes, they really do. I didn't believe it either. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]