Re: CRIME Microsoft Windows XP question

From: Crispin Cowan (crispin@private)
Date: Thu Jan 02 2003 - 21:14:31 PST

  • Next message: Brian Beattie: "Re: CRIME Microsoft Windows XP question"

    Shaun Savage wrote:
    
    > If the boot sequence requires 'password' within the OS to access the OS
    > then even if someone boot the machine with evil in their head, the OS
    > will not decrypt it self with out the correct password.  This easily
    > done with a modified init program.
    
    As Brian Beattie pointed out, the attacker can still boot from alternate 
    media and corrupt the password file, or alternately Trojan the login 
    program.
    
    Very simple bottom line: OS security is TOTALLY ineffective against 
    hostile boot media.
    
    > The object is to protect the password file and other boot programs/data.
    > ~ If they are encrypted with only one way to access them then you may
    > lose data but the system would be safe.
    >
    > I use a USB key that init reads.
    
    To make this work, you have to encrypt the entire file system. THAT will 
    prevent the hostile boot media from corrupting files & programs.
    
    But then you have a different problem: where do you put the decryption 
    keys to make the file system useful after boot? Shaun Savage proposes 
    putting it on a USB drive. If you leave the USB drive in place, then the 
    attacker gets the key, and the defense is ineffective. If you remove the 
    USB drive, then the machine cannot reboot without human intervention, 
    which badly damages availability for unattended server operation. So the 
    combination of encrypted file system + USB key storage (or any removable 
    key storage) is only really useful for desktops & laptops. Desktops can 
    be controlled with physical access (your office door) so it is mostly 
    for laptops. (Caveat: beware the custodial attack against desktops)
    
    Crispin
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX                      http://wirex.com/~crispin/
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
                    Just say ".Nyet"
    
    
    
    



    This archive was generated by hypermail 2b30 : Thu Jan 02 2003 - 23:35:11 PST