
[IP] more on It seems that even "secure" financial transactions with Internet Explorer aren't safe





Begin forwarded message:

Resent-From: dfarber+@xxxxxxxxxxxxxxxxxx
From: Brad Templeton <btm@xxxxxxxxxxxxxx>
Date: July 6, 2004 3:04:32 PM EDT
Resent-To: dfarber@xxxxxxx
To: dave@xxxxxxxxxx
Cc: capek@xxxxxxxxxx
Subject: Re: [IP] more on It seems that even "secure" financial transactions with Internet Explorer aren't safe

On Tue, Jul 06, 2004 at 11:27:00AM -0400, dave@xxxxxxxxxx wrote:
> safe. Only Ken Thompson's "Don't trust any software that wasn't ENTIRELY
> created by someone you trust" (my paraphrase) dictum is worth anything.
> And that's a hard thing to do in practice, of course.


Even capitalizing "ENTIRELY" in that statement is not enough.  Thompson
wrote early on of the ability to modify the compiler or operating
system that somebody you trust uses to insert trojan code in a way
that's very difficult to detect.   Thompson modified the compiler so
that it would insert the trojan every time it compiled itself, and
the source code to the trojan would not appear in the released compiler
source, nor in the source of programs it was modifying to compromise
security.

The truth is today, there are very few places you couldn't compromise
with a dedicated effort and a little money.  And you might have a lot
of money available to you if the prize is worth a lot (access to
financial passwords, company secrets, control of voting machines.)

It's possible, but very difficult to remain immune to those attacks,
and next to impossible if you have to worry about insiders trying
to play games with you.  Every person at your company who installs
software on an OS with any insecurities (and that includes all of
them, not just Windows) must confirm with digital signature techniques
involving signatures that came over independent and uncompromised
channels that the software is clean, and that the people who gave it
to you followed the same level of hygiene.

But who doesn't download and install software today? Very few of us.
