This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] integrity checks for the Atlas software?
- Previous message (by thread): [atlas] integrity checks for the Atlas software?
- Next message (by thread): [atlas] Error on multi-probe measurement creation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Philip Homburg
philip.homburg at ripe.net
Tue Jan 12 13:02:50 CET 2016
On 2016/01/12 12:48 , Wilfried Woeber wrote: > While thinking about options or mechanisms to make virtual probes "tamper-proof" > I had this question coming up: > > Is the probe software capable to "verify" (check-sum or digital sig) the bootstrap > kit and then, during run-time, verify that the code in memory is still genuine? Hi Wilfried, If you do that naively, .i.e. by calling a function called verify_digital_sig or something and with binaries that have symbol tables, then that call is very easy to patch out. Beyond that, it becomes and arms race. You can try to scramble binaries and some people see it as a challenge to break that. The only way to do secure boot is to lock the owner of a computer out of the booting process. And then we are back to locked hardware. Philip
- Previous message (by thread): [atlas] integrity checks for the Atlas software?
- Next message (by thread): [atlas] Error on multi-probe measurement creation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]