Friday, July 20, 2007

Privacy@Google

While responding to concerns about privacy of those who use Google's services Eric Schmidt said that users worried about privacy can choose not to use Google's services. Not only does this response reflect sheer hubris on his part and alienate intelligent beings, it also sidesteps the real question "Should users of Google be worried about privacy?". Privacy international says YES.

Privacy international findings are here: http://www.privacyinternational.org/issues/internet/interimrankings.pdf



Add to Technorati Favorites
Add to Technorati Favorites
Add to Technorati Favorites

Saturday, July 7, 2007

security research, rootkits and TPM

The recent highlight on security research has encouraged a lot of "security researchers" (although the term is a bit too generic...these people are actually "vulnerability researchers"). Today's software contains a lot of security bugs and these researchers find a lot of them. It is a good thing...it helps raise awareness of the problem and pushes the software vendors to fix these bugs.
The media limelight on these researchers also encourages "publicity stunts" and other "celebrity wars". Here is an example:
http://www.securityfocus.com/brief/537
http://www.matasano.com/log/895/joanna-we-can-detect-bluepill-let-us-prove-it/

I do believe that "theoretically" it is impossible to write an undetectable rootkit if the detection system is allowed access to the external world (network access is usually good enough). However, "practically" it is a contest between the rootkit engineer and the rootkit detector engineer. It is certainly possible although difficult to create a rootkit that will be very hard to detect. Similarly, it is possible but difficult to engineer a rootkit detector good enough to detect this rootkit.

Trusted Platform Module is a promising technology that might render the issue moot in the long run. However, TPM itself may have bugs in the beginning: http://www.networkworld.com/news/2007/062707-black-hat.html
I don't know why these guys withdrew...was it because they had found no exploits or were silenced by the TCG?

TPM may have some vulnerabilities in its specification and implementations of the specification will certainly have more. It is still a good technology because in a world with TPM bugs will be confined to a small area and therefore could be more easily found and fixed than in a world without TPM.

Add to Technorati Favorites
Add to Technorati Favorites
Add to Technorati Favorites