On Sat, 22 Jul 2000, Khimenko Victor wrote:
>> In this mainly-IDE-thread there have been at least two facts stated (or
>> discussed) and I've got some comments on them. (Woohoo!)
>
>> 1. It is possible to write software that will damage hardware.
>
>[Explanation how wrong firmware uploading process can screw you hardware skipped]
>
>This is all right. But you can SIGN firmware blob and hardware will just
>refuse to accept update with bad sign. How much it cost ? I have SmartCard
>from Oberthur here where such protection is implemented. This card cost less
>then 3$. Complete with CPU, memory, built-in DES (used for signature checking
>in TripleDES mode) and so on. Since IDE/ATAPI drive (or you modem) ALREADY have
>CPU, memory it'll add perhaps few CENTS to cost and will give you almost 100%
>protection. Do we really need to tolerate hardware with ability to destroy it
>with few simple commands just to save few CENTS per computer ?
That would definitely be better than what we have now, however I
would still question the true security of it. DVD was cracked.
Granted, the usefullness of it is several orders of magnitude
higher than someone cracking a firmware key, but if implemented
poorly, it could happen. The thing is there is no way of really
knowing if it is implemented well. I guess I'd rather know it
does try to filter the firmware updates, and trust it though than
have nothing and have easily damageable hardware.
TTYL
-- Mike A. Harris Linux advocate Computer Consultant GNU advocate Capslock Consulting Open Source advocate... Our continuing mission: To seek out knowledge of C, to explore strange UNIX commands, and to boldly code where no one has man page 4.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:19 EST