Previous Politech message: http://www.politechbot.com/p-04859.html --- Date: Thu, 19 Jun 2003 01:23:53 +0200 (CEST) From: Thomas Shaddack <shaddackat_private> X-X-Sender: <shad@Zeta> To: Declan McCullagh <declanat_private> cc: <politechat_private> Subject: Re: FC: Orrin Hatch: It's OK to destroy P2P pirates' computers On Wed, 18 Jun 2003, Declan McCullagh wrote: > He endorsed technology that would twice warn a computer user about > illegal online behavior, "then destroy their computer." First, the technology has to get inside the computer somehow. Standard precautions against hostile code apply. However, we have to consider the possibility that such code would run within the operating system itself, sneaked there as part of DRM or in a "must-have" player or as an "update" of oh-so-trusted Microsoft. Even if the code would run there, the number of warnings has to be stored somewhere. Catch this (there are tools for monitoring both filesystem and registry access at eg. sysinternals.com), you are indestructible, just will be annoyed with warnings, which can be clicked away automatically with a small program like eg. PTFB. Once the first warning appears, it is a clear evidence the machine is compromised and that the trip to Google or the newsgroups or to a local hacker, who is likely to know the remedy, is advised. An easy way to get a sample of such hypothetical infector system, or at least its key part, is to set up a honeypot that will be very likely to attract the attention (shouldn't be difficult if the adversary wants to hit 100,000s machines), with logging all its communication on its gateway. Then, once the warning appears, go through the logs and find the cause. Besides, if we rule out reflashing BIOS, which is usually preventable with a jumper, it's rather difficult to physically damage a machine by purely software means. The ancient ways like overclocking the monitor's synchro and frying deflection coil transistors, or getting the disk heads to resonance, can't be applied anymore, as the newer electronics either doesn't allow access to its lowest-level functions (like head seeking of HDDs), or safely shuts down when outside of the allowed parameters (multisync monitors). Otherwise we'd already see cases of hardware-damaging worms. This turns the risk of "destroyed machine" to the nuisance of wiped disks, which is easy to mitigate with regular backups, and the remedy is a routine reinstall. > "If we can find some way to do this without destroying their machines, we'd > be interested in hearing about that," Hatch said. "If that's the only way, > then I'm all for destroying their machines. If you have a few hundred > thousand of those, I think people would realize" the seriousness of their > actions, he said. "There's no excuse for anyone violating copyright laws," > Hatch said. [...] After the first few hundreds victims (the news on the Net spread at the speed of light in a fiber), the technology will get into hands of "rogues", who will devise solutions and workarounds - from cloaking, filtering packets from listed sources or with damaging content, to (finally) provably secure P2P software. Which can be eg. a properly sandboxed Java applet that interacts with the other ones in the Outside (or maybe even a program complete with its own mini-OS running on its own virtual machine, completelly isolated from the rest of the machine, a lightweight version of VMware), and another program running with higher level of privileges that watches for finished downloads and moves the files outside of the applet's write access (optionally sanitizing it during that), so even if the applet itself gets under hostile control, all that can get corrupted are the unfinished downloads and the applet's process itself. Attempts to corrupt the computer by a buffer-overflow vulnerability in the downloaded files (the ID3 tag problems can serve as an example) can be mitigated by a filter that checks every MP3 frame, ID3 tag, and other parts of the files for syntactical validity, clipping eventual too long strings, sanitizing dangerous content, throwing away or interpolating frames with overflows. Orrin's scheme won't turn people away of P2P. Instead, demand for secure P2P systems will be created and shortly later satiated. Another day, another politician proved his technological inaptness... ---- ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. ------------------------------------------------------------------------- To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ Like Politech? Make a donation here: http://www.politechbot.com/donate/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu Jun 19 2003 - 22:48:23 PDT