[techtalk] SELinux

Julie jockgrrl at austin.rr.com
Sat Jul 7 15:46:13 EST 2001 

Michael Carson wrote:
> 
> Julie wrote:
> 
> >It wouldn't constitute a secure system on account of I have a
> >small child living in the house and he knows how to boot from
> >CD-ROM =and= use most of the tools in my toolbox ;-)
> >
>    Oh dear.  How wonderful and terrifying at the same time.  :)

I "depend" upon his general inability to actually hack the
machine.  That and the alarm in the house to call the police
in the event someone decides to tamper with the contents of
the house while I'm not there ...

> >But just to be annoying I'll remind everyone that "trust" is a
> >negative statement about dependence.  Certainly not something
> >that would ever be used in the sentence "You'd loose[sic]
> >whatever trust you have in your hardware, ..."
> >
>    Huh?  OK, so I'm dim when I'm sick, but can you explain this?  I have
> some degree of trust that my hardware hasn't been tampered with.  If I
> leave my hardware in my enemy's stronghold for some time (spy plane,
> anyone?) I lose* any trust I might of had in my hardware's integrity.

In the sense you are using the word, you are actively "trusting"
the hardware.  Hardware is, of course, just a "thing" with some
set of properties.  The software depends upon the properties to
perform some function.  If the hardware doesn't perform those
functions, well, the software is "untrustworthy", unless you can
perform those functions some other way -- such as secure machine
rooms or armed Marine guards.  If you ever get a chance to visit
the NSA you'll discover that there are people there who have guns
on them -- like the nice lady behind the desk in the lobby ;-)

There's no reason to even depend on the hardware to provide
security -- consider such things as secure machine rooms and
crypto filesystems.  That very nice lady with the gun makes
sure you don't open the case and alter the hardware in some
way and the crypto filesystem makes sure that only the owner
of the data is able to access it.  Now you've moved your
dependence onto the nice lady's ability to shoot people and
the strength of the crypto.  If she's a really good shot you
could run the machine with the covers removed.  And if it gets
into this "enemy stronghold" the data remains secure to the
extent that the crypto mechanism is secure.  Zero hardware
dependence.

> * "It is a poor imagination that can conceive of only one way to spell a
> word"

Hmmmm.
-- 
Julianne Frances Haugh             Life is either a daring adventure
jockgrrl at austin.rr.com                 or nothing at all.
					    -- Helen Keller

More information about the Techtalk mailing list