Re: secure client-side platform
[As usual, the From: is a black hole, as a broken-autoresponder
defense. Use the address in the signature if you want to reach me.]
> imagine i'm going to access an e-gold account of $1M ...
> first [...]; then [...]; [...]
> i cannot figure out what could go wrong in the above process ...
How about a "reflash your BIOS" infection? I've heard of malware loose
in the wild that trashes flashable BIOSes; it would take only a little
more care to build one that flashes a carefully infected image instead.
I've never liked the flashable BIOS idea, though I'm OK with it if
there's a way to disable reflashing that can't be changed by software
(eg, a jumper must be on a certain pair of pins). I've seen boards
which "defend" against malware reflashing them by having two copies,
both flashable, which may help against getting randomly trashed but is
of no value against careful malicious reflashing; whatever the vendor
reflashing software can do, malware can do too.
> Q: can you really trust Google?
Trust Google with what? Trust Google to do, or not do, what?
No, I don't actually myself care about the answers to those. I'm just
trying to point out that trust is not a simple yes-or-no thing. For
example, I trust my upstream to deliver (almost) all of the data I send
through them unchanged, but I don't trust them with my passwords on
other than their machines.
/~\ The ASCII                             der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse@xxxxxxxxxxxxxxxxxxxxxx
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B