[118240] in Cypherpunks
Re: Is There a Visor Security Model?
daemon@ATHENA.MIT.EDU (Bill Frantz)
Wed Sep 22 17:36:36 1999
Message-Id: <v03110769b40eb27f8a8f@[207.92.173.117]>
In-Reply-To: <199909220323.XAA22675@world.std.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Wed, 22 Sep 1999 09:23:45 -0700
To: Dan Geer <geer@world.std.com>, Robert Hettinga <rah@shipwright.com>
From: Bill Frantz <frantz@netcom.com>
Cc: cryptography@c2.net, cypherpunks@cyberpass.net,
Digital Bearer Settlement List <dbs@philodox.com>
Reply-To: Bill Frantz <frantz@netcom.com>
At 8:23 PM -0700 9/21/99, Dan Geer wrote:
> The Palm's security model is, by most accounts I've seen, non-existant.
>
>The issue is the lack of memory protection, i.e., that there is no
>protected space for keying material. Visor is said to use the PalmOS
>as is, so that is not a magic wand. Of course, if your OS has no memory
>protection, you can always rely on yet another external hardware
>device, as has already been mentioned.
The other solution is to run you Palm in "system high" mode, where all
applications are trusted. (Since the only application I have added to my
Palm is "Life", I could easily run it that way. Now all I have to do is
gain trust in the built in applications.)
-------------------------------------------------------------------------
Bill Frantz | The availability and use of secure encryption may |
Periwinkle | offer an opportunity to reclaim some portion of |
Consulting | the privacy we have lost. - B. FLETCHER, Circuit Judge |
