Dailydave mailing list archives
Re: Palladium, Memory Forensics, Clouds.
From: Dave Aitel <dave.aitel () gmail com>
Date: Fri, 22 May 2009 07:33:43 -0400
Most people don't really understand Palladium, since it is quite complex, but it's not a software only solution. You'd need a special Palladium enabled keyboard, mouse, display, and audio IO setup. These would each have crypto chips in them which could encrypt to and from the trusted hypervisor. Look for them in a Microsoft store near you real soon! As Joanna points out, this requires a special kind of key (the EV) to be inserted on your motherboard by the manufacturer, which they are not doing yet probably because the politics of a global PKI system are unbelievably hilarious. Until then, you can software emulate Palladium, but once that becomes ubuquitous, then it's going to be a rapid change (~5 years?) before breaking DRM requires hardware modifications. -dave On Thu, May 21, 2009 at 9:58 AM, Curt Wilson <curtw () siu edu> wrote:
I'm no expert on hypervisors, but I'm curious - in this scenario, what's to stop a trojan from inserting itself between the hypervisor and keystrokes? If malware such as Torpig, Zeus and the like are any indication of the future threat in this area, then it may be a tall order to ensure "end to end trust" on a trojaned box. Given the routine violation of various protection mechanisms, how to best ensure the protected process space? Dave Aitel wrote: <snip>There's just so many good things that come with "end to end trust". You could send an email from a trojaned box securely to someone else with a trojaned box. The title bar of your window would say "signed to Microsoft Outlook" and the hypervisor would encrypt the whole transaction from your keyboard presses to the pixel display in a process space no other process or kernel task can access.<snip> _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Palladium, Memory Forensics, Clouds. Dave Aitel (May 20)
- Re: Palladium, Memory Forensics, Clouds. Joanna Rutkowska (May 21)
- Re: Palladium, Memory Forensics, Clouds. Curt Wilson (May 21)
- Re: Palladium, Memory Forensics, Clouds. Dave Aitel (May 22)
- Re: Palladium, Memory Forensics, Clouds. Joanna Rutkowska (May 22)
- Re: Palladium, Memory Forensics, Clouds. Dave Aitel (May 22)
- Re: Palladium, Memory Forensics, Clouds. James Butler (May 25)
- Re: Palladium, Memory Forensics, Clouds. dave (May 27)
- Re: Palladium, Memory Forensics, Clouds. Matthieu Suiche (May 27)
- Re: Palladium, Memory Forensics, Clouds. Dominique Brezinski (May 27)
- Re: Palladium, Memory Forensics, Clouds. dave (May 27)