Fixing BIOS/bootloader security --> subsidising DRM, Re: Intel to include DRM in new Pentium 4 series processors
Matthew Astley
lists-ukcrypto at fruitcake.demon.co.uk
Sun, 15 Sep 2002 10:48:12 +0100
On Sun, Sep 15, 2002 at 04:04:17PM +0800, Brian Gladman wrote:
> From: "David Wagner" <daw@mozart.cs.berkeley.edu>
> > I'm arguing that we should view this as a risk management problem.
> > There are lots of possible attacks, but not all are equally
> > probable, and not all deserve equal attention.
> [...]
>
> It is also perfectly logical to solve an attack that is lower in a
> list of priorities when it can be solved even if there are ones
> higher up that cannot.

Also it is an apparently tractable problem, and it can be fixed in
parallel with the various other ones.

Take the format string vulnerability as a recent example of a problem
which needs to be solved independently.
http://online.securityfocus.com/guest/3342 (contains edible C code)

> > Sure, attacks are possible. I'm not sure whether TCPA has value in
> > defending against them (what's wrong with booting off of a floppy
> > or CD-ROM?), but for the sake of this discussion, I'll accept for
> > the moment that TCPA may provide an effective defense. But that's
> > not enough for TCPA to provide an order of magnitude improvement
> > in security.
>
> This is not what I said. I said that the _combination_ of Free/Open
> Source software with secure boot and code metrics provided for this.
> And in a subsequent post I clarified what I meant by 'order of
> magnitude'.
>
> And I have explained in other posts some of the reasons why booting
> off a CD or a floppy does not stop BIOS attacks.

Yes, I think you've made it clear that current BIOSes are broken.
What I don't understand is why they need extra hardware to fix, rather
than just reflashing with a heavily cut down OpenBIOS image and then
being marked read-only.

The sort of attacker who has the resources to change a read-only BIOS
without being detected can instead install a hardware keyboard sniffer
or replace the CPU with a "customised" one.

Just because the extra hardware _does_ fix BIOS problems is not a
good reason to accept it.

It's also not clear why the "security that geeks will appreciate and
use" has to be so tightly integrated with the "security that
[hollywood] will almost certainly abuse".

> I suspect that we are going to have to agree to disagree on this
> since I am not sure that I can add much to what I have said here and
> in other posts.

I think perhaps it is best to consider boot security as a carrot or
sweetener on the TCPA issue. While it's true that it could be used to
lock owners out of their own machines, it seems very likely that this
will only be done for TV set top boxes and games consoles.

My big problem with this is that by buying TCPA enabled hardware, one
is effectively subsidising the extra security features (research for
and production of) that will be used to keep Larry Livestock in his
pen. I'm not happy with this, even if Larry is.

The mass market for games consoles is apparently almost big enough to
support TCPA by itself, given what we've seen of the Xbox. With
general purpose computers rolled in too, even if they don't use all
the features, the market is plenty big enough to spread the extra
cost.

Matthew #8-)