[unisog] Safe remote access
dasdan20 at hotmail.com
Thu Jul 28 17:54:04 GMT 2005
| >Date: Wed, 27 Jul 2005 15:28:40 -0400
| >From: Michael Holstein <michael.holstein at csuohio.edu>
| >Subject: Re: [unisog] Safe remote access
| >To: UNIversity Security Operations Group <unisog at lists.sans.org>
| >Message-ID: <42E7E068.8070804 at csuohio.edu>
| >Content-Type: text/plain; format=flowed; charset=us-ascii
| >> Of course, if the owners of the machine let you do that, did they
| >> the black hat who was there earlier crack it open and install a
| >> motherboard with on-board keyboard/mouse/video sniffing capability?
| >Begs the interesting question if it's possible to modify the BIOS to
| >implement keysniffing at the motherboard level.
Some time ago I made a post on the www.dasdan.be forum about TCPA /
Palladium + (NGSCB)
The post is in Dutch so I translate for you the main content:
visit the links in the forum post for more info about the topic (in english)
TCPA = Trusted Computing Platform Alliance , an initiative of Intel.
The goal is to build a new computer platform that is really secure.
The plan is that every pc will have a TPM trusted platform module, also know
In a fase every component of your pc will be equiped with such a chip
(video, network, keyboard, harddisk, bios, ....)
The chip will use 2048 bit encryption. "The chip will alow us to secure the
communication between the components"
In the future this will assure only certified hard- and software can be
--> this will be a big problem for open-source (see NOTCPA link)
Microsoft is working on the NGSCB technologie: Next-Generation Secure
Computing Base technologies
This will secure the communication between hardware components (keybord,
harddisk, ...) and software.
This means hardware en software Keyloggers won't work anymore,
A program that uses the NGSCB tech, will not work anymore when something is
changed in the code.
NGSCB will be in the next version of windows.
The are also a lot disadvantages too, but these are not relevant in this
take a look on www.dasdan.be if you want to know more about this topic
Louis Van Houttestraat 8
0032-0-472 / 49 80 29
More information about the unisog