Re: Butting in.. (Was: scsi-destroyer.c to come...)

From: Karen Shaeffer (shaeffer@best.com)
Date: Sat Jul 22 2000 - 15:29:51 EST

Next message: Dax Kelson: "Re: TO HELL WITH IT THEN......(re: disk-destroyer.c)"
Previous message: Frank van Maarseveen: "2.4.0 firewalling code: reject with type 3 code 13"
In reply to: Mike A. Harris: "Re: Butting in.. (Was: scsi-destroyer.c to come...)"
Next in thread: Jeff Garzik: "courtesy (was Re: scsi-destroyer.c to come...)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Jul 22, 2000 at 02:49:24PM -0400, Mike A. Harris wrote:
> On Sat, 22 Jul 2000, Khimenko Victor wrote:
>
> >This is all right. But you can SIGN firmware blob and hardware will just
> >refuse to accept update with bad sign. How much it cost ? I have SmartCard
> >from Oberthur here where such protection is implemented. This card cost less
> >then 3$. Complete with CPU, memory, built-in DES (used for signature checking
> >in TripleDES mode) and so on. Since IDE/ATAPI drive (or you modem) ALREADY have
> >CPU, memory it'll add perhaps few CENTS to cost and will give you almost 100%
> >protection. Do we really need to tolerate hardware with ability to destroy it
> >with few simple commands just to save few CENTS per computer ?
>
> That would definitely be better than what we have now, however I
> would still question the true security of it. DVD was cracked.
> Mike A. Harris Linux advocate

Well, this is part of the solution. But, the other part is quite simple and I
believe being widely implemented in current Flash chips. They contain boot
block sectors that are *never* reprogrammed. Even if you have your Flash
reprogrammed with trash, when you reboot, the system still comes up and has
the *NONREPROGRAMMABLE* boot sector code--that actually facilitates the
reprogramming of the programmable memory sectors on the chip. It's that
simple. And all reprogrammable PROM, Flash, and SMROM *can* be designed to
implement this.

So all this *noise* about the kernel needing major changes is simply not
recognizing the reality that the hardware is defective. Newer systems are
now addressing these *hardware* flaws. The kernel need not take
responsibility for the inadequacy of the hardware industry's legacy systems.
The capabilities patch is about all that makes sense here.

-- Karen Shaeffer Neuralscape; Santa Cruz, Ca. 95060 shaeffer@neuralscape.com http://www.neuralscape.com

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Dax Kelson: "Re: TO HELL WITH IT THEN......(re: disk-destroyer.c)"
Previous message: Frank van Maarseveen: "2.4.0 firewalling code: reject with type 3 code 13"
In reply to: Mike A. Harris: "Re: Butting in.. (Was: scsi-destroyer.c to come...)"
Next in thread: Jeff Garzik: "courtesy (was Re: scsi-destroyer.c to come...)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:19 EST