Anti-snooping operating system close to launch
Steve Schear
schear at lvcm.com
Tue May 28 14:58:54 PDT 2002
An interesting thread concerning M-o-o-t can be found at
http://www.topica.com/lists/m-o-o-t-os-group/read
Of particular interest to cypherpunks may be the "Threats and Weaknesses"
analysis begun in Dec 2000
Threats and Weaknesses
======================
Workstation:
· Hardware/firmware traps either built-in or add-on (eg
keystroke data capture plugs)
· Execution on a virtual machine designed to compromise the
application
· Surveillance techniques (camera, electronic monitoring,
"Tempest")
· Trojan horse software via doctored compiler
· Trojan horse software via doctored CD
Server:
· Undetected impostors or other subversion of security
software
· Key captures
· Billing/Account/Payment tracing and trawling
Network:
· Denial of service attacks on the havens
· DNS and routing attacks (eg via ARPS, spoofing etc)
· false packet etc protocol attacks
· traffic analysis
· monkey in the middle attacks
User:
· Criminalise this product
· Criminalise encryption
· Problem of creating a personal identifier that cannot be
copied, forged or usurped by force
· Billing systems may expose usage details
Data:
· Data entry and exit to the unsecure world - need to have
anonymous methods for this
· Is the data going to be locked up too tightly to be
useful?
· Can the data be manageable but still secure? Eg,
individual directories may be necessary but a security
risk. If there is no good built-in management system,
people will create hazardous insecure out-of-system ones.
· How can data availability be guaranteed over long periods
of time?
Encryption:
· How can keys be securely created, managed and protected
from mis-use?
· Are there sufficiently top-class cryptographers on tap to
implement new secure systems?
Project:
· Is it too ambitious for the resources?
· Can it be staged to produce useful (and profitable)
subsets more quickly?
· Does it conflict with other similar developments?
· Can it be managed in an insecure environment in a
jurisdiction that is hostile to its purpose?
steve
More information about the cypherpunks-legacy
mailing list