Re: Trusted kernel patchset

From: One Thousand Gnomes
Date: Mon Mar 16 2015 - 16:58:08 EST


> Anything that encourages deploying systems that can't be upgraded to fix bugs
> that are discovered is a problem.
>
> This is an issue that the Internet of Things folks are just starting to notice,
> and it's only going to get worse before it gets better.
>
> How do you patch bugs on your non-volatile media? What keeps that mechanism from
> being abused?

One example is flash memory that can only be written by a special part of
the system which verifies the signatures then writes the data to the
flash. That to most intents and purposes is "non volatile". In some
environments jumpers or particular sequences of holding buttons in may
deal with it - if they are handled such that malicious software cannot do
it.

Some systems go further than that and do measure the boot path - so
modern x86 firmware will typically not allow you to flash the BIOS
firmware except from measured firmware, and won't run the result without
checking signatures. Not everything goes that far.

The IoT and general security underfunding is a social and economic issue
however, and isn't soluble by technical means. It will be fixed when the
lawmakers finally stop listening to the lobbyists, or when something
*really bad* happens and they extend liability law to paid services and
licensed components of sold products on the back of either some massive
disruptive hack or serious loss of life.

Alan
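
The "special part of the system which verifies the signatures then writes the data to the flash", sketched as an added example that is not part of the original message or of any real firmware. The class and function names are hypothetical, the flash is simulated in memory, and a Lamport one-time signature stands in for whatever signature scheme a real device uses, chosen only because it needs nothing beyond hashlib.

```python
import hashlib
import secrets

def H(b):
    return hashlib.sha256(b).digest()

def _bits(image):
    # 256 bits of SHA-256(image), most significant bit first
    d = H(image)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    # Lamport one-time key: 256 pairs of secrets, public key = their hashes.
    # One key pair may sign exactly one image.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def sign(sk, image):
    # Vendor side: reveal one secret per bit of the image digest
    return [sk[i][bit] for i, bit in enumerate(_bits(image))]

def verify(pk, image, sig):
    if len(sig) != 256:
        return False
    ok = True
    for i, bit in enumerate(_bits(image)):
        ok &= secrets.compare_digest(H(sig[i]), pk[i][bit])
    return ok

class UpdateGate:
    """Sole writer of the (simulated) flash: verify first, then write."""
    def __init__(self, vendor_pk, initial_image):
        self._pk = vendor_pk
        self._flash = initial_image   # stands in for the flash contents

    def read(self):
        return self._flash

    def apply(self, image, sig):
        if not verify(self._pk, image, sig):
            return False              # rejected: flash left untouched
        self._flash = image
        return True
```

The device holds only the public key, so software running on it can check an update but cannot produce one that the gate will accept.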