From: Jeff Barber <jeffb@sware.com>
Date: Wed, 28 Dec 94 08:40:21 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Why I have a 512 bit PGP key
In-Reply-To: <199412281551.HAA02892@largo.remailer.net>
Message-ID: <9412281640.AA09644@wombat.sware.com>
MIME-Version: 1.0
Content-Type: text/plain


Eric Hughes writes:
>    From: Jeff Barber <jeffb@sware.com>

>    Nothing is gained --
>    other than additional irritation and delay.

>                                       What is at issue is making it
> difficult for a not-completely-dedicated-to-your-destruction sysadmin
> to subvert personal files.

But you're advocating what are non-trivial measures in an attempt to solve
a problem which is not the easiest attack anyway.  You have been arguing
that it might be possible to download a new MD5, then modify it in unusual
ways to prevent hacking of the local compiler to recognize it.  Then,
when folks point out other ways to subvert your integrity check, you
complain that you're not trying to solve ALL the problems, only a certain
subset.  I think the subset you've selected is arbitrary and not
particularly realistic.

Let's face it, creating the compiler-to-recognize-MD5 is quite a difficult
problem, and if I were your system administrator and wanted to obtain
access to your files, creating a special compiler version or otherwise
attempting to cause your integrity check to fail would be one of the last
forms of attack I'd try.


> Furthermore, the pragmatics of a personal tripwire are that it only
> needs to indicate failure once.  As soon as I found out that my files
> weren't safe in their place of residence, I'd leave.  The practical
> question should not be one of fighting a running battle with a hostile
> root; root always wins, period.  A useful outcome of this discussion
> would be a feasible way of detecting the first modification.  Almost
> always this will not be a full-scale effort.

I agree that would be useful.  But the problem with this whole argument
is that the number of things whose modification you need to detect is
large and their detection is non-trivial.  One of the easiest ways to
subvert your security is simply to record your keystrokes.  It doesn't
take a rocket scientist to hack your kernel (or whatever it's called on
your OS) to do this.  And how do you detect it?  The original kernel
can be restored after booting with a hacked kernel so you can't use
modification times.  Perhaps you can then detect that the system was
rebooted?  Well, maybe, but hiding that is not so difficult either,
and a reboot may not necessarily seem suspicious in any case.

The bottom line is that, as an ordinary user, you are relying completely
on your trust in the system administrator.


-- Jeff