
Re: Undetectable Rootkits using Virtualization



Please don't CC me; I'm subscribed to this list and read my email.

On Sun, Jul 02, 2006 at 12:28:29PM -0600, Pete Klammer wrote:
> Political technology is presently making the following a naïve assumption:
> 
> > But if one can physically remove the disk drive and investigate it on a
> > proper forensic test bed, ...
> 
> Because the "trusted computing" initiatives spurred by corporate media thugs
> are forcing hardware vendors to embed cryptologically-secure "agents" into
> our PCs, below the BIOS, and into the hard drives themselves.
> 

I have no respect for those who babble about 'trusted' whatever. The proper
word for what is needed is 'trustworthy'. All sorts of stupid people 'trust'
our current president, so he is 'trusted', but other, more intelligent 
people wonder if he really knows what he is doing, so he is, maybe, not
'trustworthy'. 

I persist in saying we have to study the details. In this case, if there
is good evidence that disk drives with logic for faking trustworthiness
are, in fact, being manufactured, then the situation is more complicated
than I assumed: one has to remove the disk and remount it in a different
drive having handmade control logic. Of course, this is not possible for
a county clerk to do, but it is possible for someone to do.

If the hardware that is needed becomes illegal in the US, it can be
purchased from the Russians, or the Chinese, or maybe the North
Koreans. But I don't think it will come to that. 

Think about it. The design for the copy protection stuff that must be added
will, itself, be proprietary intellectual property. Will the Chinese pay
proper licensing fees? Will they implement proper security? How could it
possibly be 'trusted'? Trusted by whom? 


-- 
Paul E Condon           
pecondon@xxxxxxxxxxxxxxxx