Linux Users' Group of Davis (LUGOD)
Page last updated:
2010 Dec 20 11:32

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Re: [vox-tech] Security in Space!! [was digest post reply]

On Mon, Dec 20, 2010 at 09:02:01AM -0800, Nicole Carlson wrote:
> On Fri, Dec 17, 2010 at 12:00 PM,  <vox-tech-request@lists.lugod.org> wrote:
> > Message: 2
> > Date: Fri, 17 Dec 2010 11:28:04 -0800
> > From: Bill Broadley <bill@broadley.org>
> > Subject: Re: [vox-tech] Secure kernel panic
> > To: vox-tech@lists.lugod.org
> > Message-ID: <4D0BB9C4.7090209@broadley.org>
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> >
> > On 12/17/2010 09:39 AM, Nicole Carlson wrote:
> >> Hello, beautiful people!  How I have missed you.
> >>
> >> A question for your enormous brains.  Suppose that the kernel panics.
> >> Further suppose that I do NOT want it to dump core.
> >
> > I don't believe it's the default.  Are you worried about it dumping core
> > without you asking?  Or are you worried that someone with physical access to
> > the machine could force it to dump core?
> 
> Not physical access--it's hanging out 25,000 miles up in the air--so
> much as information leakage.  The threat has to do with possibly
> classified information leaking out.  Suppose that our hypothetical
> Linux-running satellite processes classified information.  Now suppose
> that something makes its kernel panic.  My understanding is that when
> the core is dumped, including whatever possibly sensitive information
> is in memory at the time, it becomes readable to anyone who can snarf
> the coredump file and apply kernel debugging tools to it.  This would
> be bad.  The easiest way I can think of to stop this would be to stop
> the kernel from dumping core.

Uhm, you have to have a key in memory to read the data or in some register
and a decryption device. Say your device kernel panics. The network
stack will go away, correct? And then you won't have to worry? I assume
that the issue of physical security is not a big issue, correct? Not
too many people doing space walks or are there? ;-) Or, is there
an adversary with a robotic arm somewhere?

Perhaps you could use SPARK/ADA and develop a fully verified correct
system that has full a <-> b relationship where b is always a secure
state and a is your functionality set, and not a -> b, such that you
implied. SPARK has a full system verification process and a built in
prover using Prolog to aid in verification based upon annotations and
architectural limitations that you provide. 

http://libre.adacore.com/libre/tools/spark-gpl-edition/

The Lego Mindstorm looks like an interesting project that could
provide the foundation you need.
http://libre.adacore.com/libre/tools/mindstorms/

Or, you can use TPM with Linux where security is built into the hardware,
still be secure, and still take advantage of the versatility GNU/Linux
tools have to offer, yet I believe will encrypt all data. Now, all
you have to do is worry about managing your key. I haven't used TPM,
but as I understand, encryption is built into the bus, or somewhere
in the underlying hardware, giving you security at the base level.

https://www.grounation.org/index.php?post/2008/07/04/8-how-to-use-a-tpm-with-linux

brian
-- 
Brian Lavender
http://www.brie.com/brian/

"Program testing can be used to show the presence of bugs, but never to
show their absence!"

Professor Edsger Dijkstra
1972 Turing award recipient
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech
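Where a Linux box actually writes memory out on a crash, as an added check script that is not part of this thread: a kernel panic only dumps memory when a crash (kexec/kdump) kernel has been loaded, while kernel.core_pattern and fs.suid_dumpable govern user-space process cores, which carry the same leakage concern. The script reads those settings through a root prefix so it can run against a constructed sample tree; treating a core_pattern of "|/bin/false" as the hardened state is an assumed policy, not something stated in the thread.

```shell
#!/bin/sh
# Audit the settings that decide whether memory reaches disk on a crash.
# /sys/kernel/kexec_crash_loaded = 1 means a panic hands memory to a kdump kernel;
# kernel.core_pattern and fs.suid_dumpable decide what user-space cores do.
# All reads go through a root prefix; pass "" (or nothing) to inspect the live host.
read_setting() {
    # $1 = root prefix, $2 = path below it; prints "unset" if the file is missing
    if [ -r "$1/$2" ]; then cat "$1/$2"; else echo unset; fi
}

audit_dumps() {
    root=${1:-}
    crash_loaded=$(read_setting "$root" sys/kernel/kexec_crash_loaded)
    core_pattern=$(read_setting "$root" proc/sys/kernel/core_pattern)
    suid_dumpable=$(read_setting "$root" proc/sys/fs/suid_dumpable)
    case "$crash_loaded" in
        1) kdump=armed ;;   # a panic will write kernel memory out via the crash kernel
        0) kdump=off ;;
        *) kdump=unknown ;; # kernel built without kexec, or tree incomplete
    esac
    echo "kdump=$kdump core_pattern=$core_pattern suid_dumpable=$suid_dumpable"
}

dumps_disabled() {
    # True only when no crash kernel is loaded, process cores are piped into
    # /bin/false (discarded), and set-uid processes are never dumpable (assumed policy).
    root=${1:-}
    if [ "$(read_setting "$root" sys/kernel/kexec_crash_loaded)" = 0 ] &&
       [ "$(read_setting "$root" proc/sys/kernel/core_pattern)" = "|/bin/false" ] &&
       [ "$(read_setting "$root" proc/sys/fs/suid_dumpable)" = 0 ]; then
        return 0
    else
        return 1
    fi
}

# Build a constructed sysfs/procfs look-alike (sample data, not a real host).
make_sample_tree() {
    root=$1
    mkdir -p "$root/sys/kernel" "$root/proc/sys/kernel" "$root/proc/sys/fs"
    printf '%s\n' "$2" > "$root/sys/kernel/kexec_crash_loaded"
    printf '%s\n' "$3" > "$root/proc/sys/kernel/core_pattern"
    printf '%s\n' "$4" > "$root/proc/sys/fs/suid_dumpable"
}

demo=$(mktemp -d)
make_sample_tree "$demo" 1 core 2   # stock-looking install: kdump armed, cores written
audit_dumps "$demo"                 # prints: kdump=armed core_pattern=core suid_dumpable=2
rm -rf "$demo"
```

Run it with no argument on a real host to read the live /sys and /proc values instead of the sample tree.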