[145080] in cryptography@c2.net mail archive
Re: Crypto dongles to secure online transactions
daemon@ATHENA.MIT.EDU (Rob Townley)
Mon Nov 16 18:29:00 2009
Reply-To: Rob.Townley@gmail.com
In-Reply-To: <20091111155344.2CF6933DAC@absinthe.tinho.net>
Date: Mon, 16 Nov 2009 12:39:03 -0600
From: Rob Townley <rob.townley@gmail.com>
To: Cryptography <cryptography@metzdowd.com>
On Wed, Nov 11, 2009 at 9:53 AM, <dan@geer.org> wrote:
>
> Matt Crawford writes:
> -+-------------------
> =A0| Imagine a couple of hundred million devices with updatable
> =A0| firmware on them, and one or more rogue updates in the wild.
>
>
> So should or should not an embedded system have a remote
> management interface? =A0If it does not, then a late discovered
> flaw cannot be fixed without visiting all the embedded systems
> which is likely to be infeasible both because some will be where
> you cannot again go and there will be too many of them anyway.
> If it does have a remote management interface, the opponent of
> skill focuses on that and, once a break is achieved, will use
> those self-same management functions to ensure that not only
> does he retain control over the long interval but, as well, you
> will be unlikely to know that he is there.
>
> This leads to a proposal on what to do about the future:
> Embedded systems, if having no remote management interface and
> thus out of reach, are a life form and as the purpose of life is
> to end, an embedded system without a remote management interface
> must be so designed as to be certain to die no later than some
> fixed time. =A0Conversely, an embedded system with a remote
> management interface must be sufficiently self-protecting that
> it is capable of refusing a command.
Almost every U.S.A. based bank that i have used own several physical
branch locations. Maybe
your country is different. Disable the service until the customer
physically brings in the old hardware to be replaced with a new one to
eliminate need for remote management. Our planet has too much
electronic garbage to build permanent preprogrammed death.
>
> Long live HAL,
>
> --dan
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.c=
om
>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
