[linux] I have a theoretical question about secure
computing
Frank Heasley
DrHeasley at medzilla.com
Thu Jul 10 10:01:10 PDT 2003
All security is through obscurity. It just depends on how obscure you can
make it.
At 09:44 AM 7/10/03 -0700, you wrote:
>People,
>
> I have been having several discussions about Trusted Computing.
>See, for example, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html and also
>http://www.eetimes.com/story/OEG20030415S0013 for just two of many
>resources on the subject.
>
> As I understand it, trusted computing involves modifying a Pentium
>CPU and adding addition hardware to it so that it will not work unless you
>have a proper key. However, my understanding of a Turing machine is that
>any turing machine can be emulated by any other turing machine. A Pentium
>(and, in theory, any of its descendents) is a Turing machine. Therefore,
>it should be possible to take a product such as VMware and modify it so
>that it has the same security features as this NGSCB machine.
> Further, it should be possible to modify the software emulator so
>that once the content is unlocked by the key, it stays unlocked.
> In other words, when we test a machine for proper operation using
>a diagnostic program, we then make a leap of inference that if the machine
>passed the diagnostic, then it is correct. But what if the machine were
>sophisticated enough to recognize the diagnostic and work properly when
>diagnosed, but to work improperly when in production? A software
>emulation could do that.
>
> Note that in this discussion, I am ignoring questions about
>ethics, law, cost, social consequences or performance. I don't want to
>trivialize those questions, because they are important also.
>
>
>Many thanks,
>
>
>Jeff
>
>
>Jeff Silverman,
>Senior Computing Specialist 3, Fire and Environmental Research
>Applications (FERA) team.
>jeffsilv at u.washington.edu (206) 732-7815
>http://duet.cfr.washington.edu/~jeffs
More information about the Linux
mailing list