From: Ed Carp <ecarp@netcom.com>
Date: Wed, 27 Apr 94 06:46:52 PDT
To: Jim Sewell <jims@Central.KeyWest.MPGN.COM>
Subject: Re: Milgram & Authority
In-Reply-To: <9404271330.AA04421@Central.KeyWest.MPGN.COM>
Message-ID: <Pine.3.89.9404270650.A19924-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 27 Apr 1994, Jim Sewell wrote:

> ObCrypt: Has anyone heard of work in the area of encrypting all information
> 		 on a computer and build the authentication software into the 
> 		 operating system so the only practical chance of intrusion is a 
> 		 forgetful operator?

Yes, in fact, that's been talked about.  There's a DES-based loop driver 
for disks floating around, and I've kicked around the idea of hacking 
exec() and the back-end to gcc so that ld would use PGP to digitally sign 
a binary based on a serial number in the kernel, and having exec() use 
PGP to verify that the binary hadn't been tampered with.  I suppose the 
same idea could also be used to encrypt binaries, so that the binary 
couldn't be tampered with and would only run on that machine.  Not a real 
problem to implement, really.