Hi! > > Define unsafe. > > > > If you want security against bad people resuming your machines, please > Yes, this is one of the requirements. > > But I thought you were trying to do something for secure boot, and "bad > > person resumes your machine" is out of scope there. > > > Not exactly, secure boot is one solution to meet the requirement. Is it? AFAICT secure boot is something else. "Not even owner can see kernel memory". > > So please always explain security against _what kind of attack_ you > > are trying to improve; intelligent communication is not possible > > without that. > > > User requirement: > A is the user, B is the attacker, user A launches a STD and > encrypts A's ram data, then writes these encrypted data onto > the disk, so that: Even if user B has access to the disk, > B could not know the content of A. Which implies: > 1. If B unplugs the disk from A's machine, and plugs the disk onto > another machine, B could not decode the content without A's > 'permission'. > 2. If B is using the same machine as A, even A has walked away leaving > the system suspend, B could not resume to A's context without > A's 'permission'. Ok. Let's call this "effective resume password". > Previously, there are three proposal for this: > a. Enhance the uswsusp(Pavel) Actually you don't have to enhance anything. Uswsusp already provides "effective resume password". If you only want to ask for password on resume, RSA is needed. > Then let's talk a little more about secure boot. According > to my understanding, the situation secure boot tries to deal > with is a little different from the user case we raised above - > It is an enhancement for case 1, because it refuses to resume > once the machine is changed. And it does not cover case 2. But > if it is a requirement from the user, that's ok. That does not match my understanding of secure boot. Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Attachment:
signature.asc
Description: Digital signature