1997-02-03 - Re: Key Security Question

Header Data

From: “William H. Geiger III” <whgiii@amaranth.com>
To: “Dr.Dimitri Vulis KOTM” <cypherpunks@toad.com
Message Hash: 370f38176061e816045dfcf323567b46dfde428b5a131b5574ee189be6f42031
Message ID: <199702030614.WAA14344@toad.com>
Reply To: N/A
UTC Datetime: 1997-02-03 06:14:55 UTC
Raw Date: Sun, 2 Feb 1997 22:14:55 -0800 (PST)

Raw message

From: "William H. Geiger III" <whgiii@amaranth.com>
Date: Sun, 2 Feb 1997 22:14:55 -0800 (PST)
To: "Dr.Dimitri Vulis KOTM" <cypherpunks@toad.com
Subject: Re: Key Security Question
Message-ID: <199702030614.WAA14344@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


In <199702021555.HAA25423@toad.com>, on 02/02/97 at 09:34 AM,
   "Dr.Dimitri Vulis KOTM" <dlv@bwalk.dm.com> said:


>ichudov@algebra.com (Igor Chudov @ home) writes:

>> Dr.Dimitri Vulis KOTM wrote:
>> > Bill Stewart <stewarts@ix.netcom.com> writes:
>> > > On the other hand, if the "repairman" replaced your pgp executable
>> > > with version 2.6.3kgb, which uses your hashed passphrase as the
>> > > session key, you're hosed.  Or if he installed a keystroke sniffer,
>> > > or added a small radio transmitter to your keyboard, or whatever.
>> > > Depends on your threat model.  If you need to be paranoid,
>> > > they've already gotten you....
>> >
>> > If you're really paranoid, you can boot from a clean floppy and
>> > reinstall everything from your backup tapes. You do have a
>> > contingency plan in case your hard disk goes bad, or gets a
>> > virus, don't you? Well, if you're in doubt, exercise it.
>>
>> And what if the repairman replaces BIOS ROM chips with KGBios?

>On some computers it's possible to add executable code to the boot
>sequence without replacing the actual ROM chip because they're
>rewritiable. Examples: most Sun boxes; intel motherboards with 'flash
>bios'.

V-Communications has a nice Bios Pre-Processor for their dissasembler for
anyone intrested it playing with their bios code. Most newer MB's come with
Flash Bios and the software to Flash the chip is available for download
from the Manufacture. I'v gone and tinkered around with the bios on a
couple of my AMI motherboards.

Flash bios does open the possibility for a virus infection of ones bios. I
have had several intresting discussions with the AMI programmers about
this. IMHO any device that has flash bios should have a jumper on the
circuit board to enable/disable the flash option. I have not seen anyone
that is doing this with their products.

The MB bios is relativly safe as the flash process happens pre-post but
considering that flash bios can be found in almost all computer prerifials
the potential for harm is there. Currently on my system I have flash bios
on the HD's, modem's, NIC's, & SCSI card's. All are a potential hiding spot
for a virus.


- --
- -----------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
                          
Finger whgiii@amaranth.com for PGP Key and other info
- -----------------------------------------------------------
 

 
Tag-O-Matic: Air conditioned environment - Do not open Windows.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Registered User E-Secure v1.1 0000000

iQCVAwUBMvUl1Y9Co1n+aLhhAQHVcAQAmlU7/gY80+0C3KTowerMkZHa1ro4A5g5
0qKRuuAO08eOmnwND16bBxOo5KKZU/2Xxydvdg2CpE4C9ga/po3QTasa+kKzpsR7
jBQxDAWauirLlJtXCnfiaYQrycxX6YoFoZanRGticT4ObRmFvT0OcqYqqL/fgXe0
oSiw02JDATQ=
=S97o
-----END PGP SIGNATURE-----







Thread