On 5/10/2013 2:11 PM, Bexley Hall wrote:
> Having designed (regulated) gaming and "grey area" devices (each
> handling hard currency), I can tell you that you have to have
> already performed a pretty exhaustive threat analysis (e.g., red team,
> blue team) *before* you start the product's design. If you can't imagine
> *all* of the ways you can be targeted, then you can't determine
> how/if you will be "secure" in each of those scenarios (e.g.,
> I've incorporated features into the hardware designs to counter
> certain types of physical attacks).

indeed, and there are always threat models that no one could foresee;
witness the recent story of coordinated ATM withdrawals of
$45,000,000 enabled by some back door hacking of the bank databases.
--
john r pierce 37N 122W
somewhere on the middle of the left coast