Re: Trusting the Installation

Mon, 05 Mar 2012 03:02:27 -0800 

Am Montag, 5. MC$rz 2012, 10:12:02 schrieb PP;QQ P(P8P?P8QP8P=:
> P.S. I'm not a paranoic, but I respect people to be paranoic if they want
> to.

You can be paranoid about the sources and binaries all you want, but you still
don't know the CPU which executes all that code. Even if Intel/AMD would give
you full access to their CPU blue prints, the chip foundry could add things
you
would not notice.

That's the reason why companies which make secure encryption devices would
never trust any CPU/OS combo. Depending on paranoia they offer you either
an FPGA based solution or a hard wired one from logic ICs.

And even if you create the most trusted device, using nothing but 100 year
old
relays and passive components, you are still prone to the "we will whack you
with
a wrench if you don't give me your keys" attack. Very, very effective.

Reply via email to