On 2011-10-11 10:07 , Eugen Leitl wrote: > On Mon, Oct 10, 2011 at 11:20:05PM +0200, Jeroen Massar wrote: > >>> Use your own servers at the co-lo. Use TPM and tamper-proof systems. >> >> Does not matter, given enough power/money/force your adversary can walk > > Au contraire, it does matter very much in practice. By controlling > your hardware instead of relying on vendors or even "teh cloud" > you're raising the bar for attacks considerably. Consider that > nobody can know which exactly security measures you've taken.
Of course you are raising the bar, but that is the only thing you are doing, as the adversary can still walk in, be that with a warrant making it legal, or just by going in. Criminals don't ask for your Ok. >> into that colo and use vampire taps to replug (both power and network) > > Did you catch the part with the video, also streamed off-site? How exactly does that matter? It will already be too late and your full hardware will be off site in a location that you don't control, still running fully and no way for you to stop them from doing what they want to do with it, be that freeze the memory or any component needed. Or do you watch that video screen 24/7 like in the movies with the guards on duty being shown a replay? :) Yes, nice things like mercury switches, glueing the whole thing together and other such tricks can even deny physical access, but really, what are you trying to protect there? :) > If there's a convenient temporal lacune on multiple probes, you know > your hardware is no longer trusted. I am surprised if you are that paranoid that you trust the hardware in the first place. You do realize where the designs come from and where they are built right? :) Yes, you will know that your hardware from that point is untrusted, but who says it was not before? >> your box without you noticing anything and monitor the rest from there on. > > They are welcome to tap the network. It's what they already can do, > by mirroring the incoming switch port and packet capturing there. > This is not relevant to accessing secrets locked in hardware, or > present at runtime. Nope, but that is why a vampire tap can also do power, so they can remove the box from the rack/location that you have as 'secure' and then they can do whatever time consuming things you want. Unless you have a full remote kill switch in there packed with some C4 or so. But that is why I mention rubberhose: if they want to get the info in there, they will politely ask you for them instead. >> As for TPM, who build that piece of hardware and are you sure that a >> copy of your keys are not kept elsewhere? > > Because you generated the key itself, of course, and using a > physically secured TPM token you installed yourself. Did you build that TPM token? I am just trying to give obvious hints here and above etc... For that matter, did you write and audit 100% of the code, oh and not to forget the compiler that you are using for that code? And what about that little video camera just behind your screen, did you notice it already? ;) Like everything in live, it just depends on how much you care. For most people though, unless you are doing super secret evil stuff, just using a Gmail account with PGP in combo with SMTP/IMAP is good enough(tm) a security measure. > It can be rather hard to access a piece of hardware hotglued into > an internal USB port, with hardware with live IPMI monitoring, > including chassis intrusion detection, including motion-detected > streaming video streaming to cryptographically secured local > filesystem and also off-site. Local filesystem does not matter, as you won't see it. Thus if the video cuts, the only lesson you learned is that the box is not to be trusted anymore, but then it is already too late in most cases as they also likely know who is footing the bill, just follow the money and thus where your bed lives. > It is all doable, but it won't be done in practice or ordinary > threat models. > >>> I used to store crypto secrets on USB smartcards, and have >>> streaming video in the rack, all on UPS. Nowadays, it's even easier. >>> >>> No point to make it too easy. Mallory should earn his keep. >> >> At one point or another they just apply rubberhose crypto thus don't >> make it too difficult. > > Why do you bother breathing? You'll die, anyway. I don't have to bother breathing, not everybody is Darth Vader, it happens automatically more or less as a reflex for most people and there is so much fun in the world without having to consider conspiracy theories ;) Greets, Jeroen _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
