[117853] in Cypherpunks


Civil war for our personal computers w/o html

daemon@ATHENA.MIT.EDU (Gary Jeffers)
Mon Sep 13 02:29:27 1999

Message-ID: <000901befdbf$09abfdc0$3fc7a5d0@minemine>
From: "Gary Jeffers" <jeffers@htc.net>
To: <cypherpunks@cyberpass.net>
Date: Mon, 13 Sep 1999 01:07:32 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Reply-To: "Gary Jeffers" <jeffers@htc.net>

                         CIVIL WAR IN OUR PERSONAL COMPUTERS

                                          or
                           THE SEGREGATED PERSONAL COMPUTER

                                          or
                           THE DIVIDED PERSONAL COMPUTER

                                          or
                  MULTIPLE TRUSTED ENCRYPTED LINEAR GATED SENTINEL CPU's


 The BACK-DOORED CPU POSTULATE: The NSA either already has or soon will have
         the major cpu manufacturers, including Intel, distributing cpu's
         with back doors in their designs. This method is simply too elegant
         and too cheap on a per target basis to pass up.


   Personal computers are too big and complicated to trust. We have millions
of bytes of executable code and several digital chips in each one of them.
Shrink wrapped software and digital chips can be back-doored. Notably, this
also includes operating systems, Internet browsers, and sentinels (anti-virus
software). Nobody can guarantee that a back-door doesn't exist on his modern
computer.


                            TRUSTED CHIPS ARE CRUCIAL

   The only possible way of defending against the threat of widely
distributed commercial back-doored hard or soft ware is by use of trusted cpu
chips. By trusted, I mean chips of which we could be sure that the
architecture did not have any maliced structure (back doors). Without trusted
chips, I see little hope for information freedom.

   The trusted chips would be used to segregate the personal computer. Trust
would be "distributed" over the computer. In operating your computer for
critical private tasks, it would be assumed that your computer could not be
trusted as a whole. It would be assumed that your computer had been
back-doored. Trusted chips placed between computer components would encrypt
and decrypt data streams. In this way, the computer, as a whole, would not
"know" your private information.

   At minimum, three trusted cpu's would be needed. One would be from
keyboard to system. Another would be from monitor to system. Another between
the system and the telephone line to the Internet.


                       GENERAL FUNCTION OF THE TRUSTED CHIP

   The general function of the trusted chip is to encrypt/decrypt data. In
this way, the trusted chip would isolate back doors in the personal computer.
Malice back doors would only see "meaningless" encrypted data.


                          PROGRAMMING FOR THE TRUSTED CHIP

   The programming on a trusted chip would be minimal. It would include PGP
and some "wrapper" and associated programming. Each chip would be a PGP "end
user" with its own public/private key pair. Data would flow thru the computer
and the trusted chip gates.

   All software would be open source so it could be publicly and privately
evaluated and compiled.


                          ARCHITECTURE  OF THE TRUSTED CHIP

   Architecture: A snap-in chip in a visible, single chip module with
terminal pairs for placement between system components. Maybe a variety of
terminal pairs so user could easily and flexibly plug chip module into his
system. The trusted chip modules would be designed so that they would not be
tied to particular software. This way, software development could be done
independently of particular module considerations. The modules would be
"universal". Module and software design would be simplified and both would be
given greater utility.


      MOBILITY, "DISTRIBUTEDNESS", AND VARIABILITY OF TRUSTED CHIP MODULES

   Trusted chips and modules could easily be swapped in personal computers.
Functionality could be changed and upgraded easily and cheaply. They would
tend to give the personal computers a variable architecture that would be very
difficult for a large State intruder to systematically and cheaply deal with.
They would make for a "distributed", variable target that would necessitate
the making of "many solutions" for the intruder and render the intruder's job
more difficult and expensive. The advantages of the intruder's large scale
solutions would be much diminished. Trusted chips could utilize a distributed
topology to counter the power pyramid, centralized topology of State tyranny.
It would be hard to widely control trusted chip systems for the same reason
that it is impossible to eliminate all cockroaches.



                       THREATS THAT TRUSTED CHIPS COULD COUNTER

   The chief threats that trusted chips could counter would be commercial
back doored soft and hard ware and also black bag break in intrusions that
placed back doors on personal computers.


                         GENERAL OPERATIONS OF TRUSTED CHIPS

   All trusted chips would be operating when crucial, private operations were
being conducted. Most of the time, the trusted chips could be in passive mode
except for the trusted chip between the computer and the Internet line. The
Internet trusted chip would constantly look for anomalous data. Its operation
would probably differ greatly from that of the other trusted chips.





          QUESTION: CORRUPTED CHIPS STANDING SENTINEL AGAINST EACH OTHER?

Questions? Would it be possible to put two back doored cpu chips in line and
use encryption in both of them in such a way that they could not pass a malice
string between them? A problem is that a maliced cpu could be triggered by an
inputted signal string that would open the back door operations. The problem
here is that the first cpu would receive the signal string and that would
activate its operations and that signal string would seem to be impossible to
censor without a trusted chip. Generally, could you encrypt/censor data to a
possibly corrupted back door cpu chip without a trusted chip in front of it?

   If anybody can figure the above out, then everything becomes much easier
and the problem becomes solvable without the use of trusted chips.


                                     EXIT

       Well, I'm out of ideas for now. Could there be such a thing as a
"trusted chip"? How could it be done? - EPROMS? I'm not good at hardware.
Somebody help out here.

Yours Truly,
Gary Jeffers

BEAT STATE!!!!


