, 2002-07-08
Whether Microsoft's ambitious project is a security solution or a Trojan horse depends much on the company's intentions.
Expand all |
Post comment
The wrong problem addressed
2002-07-09
L0k1 (1 replies)
L0k1 (1 replies)
but I am sceptical -- right now, it is already hardware
that guarantees no User-Level application can write to
kernel memory. Your CPU hardware guarantuees that.
It is bugs in the software running in the kernel that allow
you to bypass this protection.
So we already have hardware protection, and it doesn't help.
Adding Palladium to systems just removes the control over
the hardware from the end user, as _someone_else_ can store
data on his computer without the _legitimate_owner_ being
able to access it.
And if some company can store data securely in _my_ computer,
and companies being hacked all the times with their
source codes and crypto keys being stolen, who is going
to assure me that no hacker has gained the means to store
data in _my_ system without _me_ being able to access it?
This entire "hardware == security" thing is a load of bull.
Look at this thought-model:
(1) Untrusted code cannot read/write trusted memory.
(2) Assumption: Attacker can corrupt trusted code to
read/write trusted memory
Those in favour of Palladium say that current systems
break under Assumption (2), WITHOUT MENTIONING THAT GIVEN
THE SAME ASSUMPTIONS, PALLADIUM BREAKS TOO.
It's all bull :-)
Cheers,
Halvar
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/93/13737#13737