[168151] in North American Network Operators' Group
Re: verify currently running software on ram
daemon@ATHENA.MIT.EDU (Jay Ashworth)
Mon Jan 13 10:59:35 2014
Date: Mon, 13 Jan 2014 10:59:08 -0500 (EST)
From: Jay Ashworth <jra@baylink.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <210021.1389617089@turing-police.cc.vt.edu>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
---- Original Message -----
> From: "Valdis Kletnieks" <Valdis.Kletnieks@vt.edu>
> You really need assistance from one layer further down - if you're in
> a VM, you need to ask the hypervisor. If you're on bare metal, you need
> to ask the SMM or equivalent. If you're in the SMM, you need to ask the
> hardware. And of course, at each level, you have to ask yourself how
> you know that *that* level isn't lying to you....
>
> (Yes, this is the corner of system security where, if you're not
> already a paranoid schizophrenic, you will be soon.. :)

If you have not already read the Ken Thompson paper:

http://cm.bell-labs.com/who/ken/trust.html

And for a bit more on whether it was ever actually implemented, from Ken
himself:

https://groups.google.com/d/msg/comp.security.unix/ivjYjNSduFc/0Er2cynPKjsJ

Cheers,
-- jra
--
Jay R. Ashworth Baylink jra@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA #natog +1 727 647 1274