[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
On Thu, 16 May 2002, Ian P. Christian wrote:
Perhaps a little off topic, but I see no reason why manufacturers should wise up to it. Anyone who knows anything about hardware will know how to get around the jumper anyway, so why hide it?
One of the more important rules of security is that physical security is paramount - once a cracker has physical access to your machine he can do as near as dammit anything. Why bother trying to bypass a BIOS password when you can just remove the HD? This is why companies such as IBM and nCipher are now producing Hardware Security Modules - basically a PCI card or drive-bay enclosure that is used to store key-pairs. These devices are generally tamper-resistant (or at least tamper-evident) and once you've put the keys into the box you *cannot* get them out. Keys can only be reloaded into a box if you have a certain number of smartcards that store key data. I actually got my hands on an nCipher card this morning as part of an evaluation kit - the heaviest PCI card I've seen in my life as the entire card is encased in epoxy :) J. -- Jon Still E-mail: jon@xxxxxxxxxxx System Administrator Web: http://www.tertial.org/ tertial.org Tel: +44 (0)7977 066087 -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.