[unisog] Safe remote access

dasdan20@hotmail.com dasdan20 at hotmail.com
Thu Jul 28 17:54:04 GMT 2005


   | >Date: Wed, 27 Jul 2005 15:28:40 -0400
   | >From: Michael Holstein <michael.holstein at csuohio.edu>
   | >Subject: Re: [unisog] Safe remote access
   | >To: UNIversity Security Operations Group <unisog at lists.sans.org>
   | >Message-ID: <42E7E068.8070804 at csuohio.edu>
   | >Content-Type: text/plain; format=flowed; charset=us-ascii
   | >
   | >> Of course, if the owners of the machine let you do that, did they 
let
   | >> the black hat who was there earlier crack it open and install a
   | >> motherboard with on-board keyboard/mouse/video sniffing capability?
   | >
   | >Begs the interesting question if it's possible to modify the BIOS to
   | >implement keysniffing at the motherboard level.
   | >
   | >~Mike.


Some time ago I made a post on the www.dasdan.be forum about  TCPA / 
Palladium + (NGSCB)

http://www.dasdan.be/modules/newbb/viewtopic.php?topic_id=22&forum=16&post_id=24

The post is in Dutch so I translate for you the main content:
visit the links in the forum post for more info about the topic (in english)

TCPA =  Trusted Computing Platform Alliance , an initiative of Intel.
The goal is to build a new computer platform that is really secure.

The plan is that every pc will have a TPM trusted platform module, also know 
as "Fritz-chip".
In a fase every component of your pc will be equiped with such a chip 
(video, network, keyboard, harddisk, bios, ....)
The chip will use 2048 bit encryption. "The chip will alow us to secure the 
communication between the components"
In the future this will assure only certified hard- and software can be 
used.
--> this will be a big problem for open-source (see NOTCPA link)

Microsoft is working on the NGSCB technologie:  Next-Generation Secure 
Computing Base technologies
This will secure the communication between hardware components (keybord, 
harddisk, ...) and software.
This means hardware en software Keyloggers won't work anymore,
A program that uses the NGSCB tech, will not work anymore when something is 
changed in the code.

NGSCB will be in the next version of windows.

The are also a lot disadvantages too, but these are not relevant in this 
context,
take a look on www.dasdan.be if you want to know more about this topic

Kind Regards,

Kevin Wood
Louis Van Houttestraat 8
9050 Ledeberg
Belgium
0032-0-472 / 49 80 29
www.dasdan.be




More information about the unisog mailing list