cyber-"terrorism"?
Brian Gladman
Brian Gladman" <brg at gladman.plus.com
Wed, 18 Sep 2002 21:11:15 +0800
From: "Ben Laurie" <ben@algroup.co.uk>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Wednesday, September 18, 2002 8:25 PM
Subject: Re: cyber-"terrorism"?
> Brian Gladman wrote:
> > And I am not pursuaded by the arguments that I have heard that I do not
need
> > a secure boot sequence. I think a small security kernel running on a VM
> > machine can improve security significantly when compared with what we
have
> > now. And to get a security kernel up and running with high assurance I
> > believe we need a secure boot sequence and limited code metrics.
> >
> > Although both David and Peter are unconvinced that the gains in security
> > terms would be significant, I have to disagree with them. If we can get
> > strong process separation and full control of memory and peripheral
access
> > we don't need anything more from hardware.
>
> I think their point, and I'm inclined to agree, is that of the things
> you say we need to be secure, the least important is the trusted boot -
> and if I have a security kernel running, I need it even less.
But how do you know what you have running without secure boot?
Brian