Karel Kulhavy <[EMAIL PROTECTED]> writes: > A friend who is happening to write his own operating system just pointed out > to me that a keyboard driver cannot use > > - lookup tables, because timing accessing these lookup tables would yield > information what key was pressed when entering a root password > - tests and jumps, because the same would be possible with the BTB (branch > target buffer). > > He said he had to write the whole driver using logical operation > masking. Does OpenBSD also have this trick? How is the keyboard > security designed in OpenBSD to prevent these covert channels > leaking the information to an unprivileged process?
Your friend needs to get a life. If the environment is so hostile that someone will actually try to extract such data from so much noise without actually visting the admin and convincing him to give access to the machine with money/pain, you shouldn't really allow hostile users on such a machine. //art
