1994-04-27 - Re: Milgram & Authority

Header Data

From: Ed Carp <ecarp@netcom.com>
To: Jim Sewell <jims@Central.KeyWest.MPGN.COM>
Message Hash: 9d9e8c358fae6b960e9973fbc40f01451fd1a6523204431419cb385c5e78f52e
Message ID: <Pine.3.89.9404270650.A19924-0100000@netcom10>
Reply To: <9404271330.AA04421@Central.KeyWest.MPGN.COM>
UTC Datetime: 1994-04-27 13:46:52 UTC
Raw Date: Wed, 27 Apr 94 06:46:52 PDT

Raw message

From: Ed Carp <ecarp@netcom.com>
Date: Wed, 27 Apr 94 06:46:52 PDT
To: Jim Sewell <jims@Central.KeyWest.MPGN.COM>
Subject: Re: Milgram & Authority
In-Reply-To: <9404271330.AA04421@Central.KeyWest.MPGN.COM>
Message-ID: <Pine.3.89.9404270650.A19924-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 27 Apr 1994, Jim Sewell wrote:

> ObCrypt: Has anyone heard of work in the area of encrypting all information
> 		 on a computer and build the authentication software into the 
> 		 operating system so the only practical chance of intrusion is a 
> 		 forgetful operator?

Yes, in fact, that's been talked about.  There's a DES-based loop driver 
for disks floating around, and I've kicked around the idea of hacking 
exec() and the back-end to gcc so that ld would use PGP to digitally sign 
a binary based on a serial number in the kernel, and having exec() use 
PGP to verify that the binary hadn't been tampered with.  I suppose the 
same idea could also be used to encrypt binaries, so that the binary 
couldn't be tampered with and would only run on that machine.  Not a real 
problem to implement, really.





Thread