GrouNation

Manage Xresources

webmaster — Fri, 11 Feb 2011 20:02:00 +0100

Some simple but very usefull tips to manage Xresources

List Xresources used by an application

From manpage The appres program prints the resources seen by an application (or subhierarchy of an application) with the specified class and instance names. It can be used to determine which resources a particular program will load.

 $ appres XTerm
 *form.Thickness:        0
 *form.background:       AntiqueWhite
 *tekMenu*vtshow*Label:  Show VT Window
 *tekMenu*tektextsmall*Label:    Small Characters
 *tekMenu*vtmode*Label:  Switch to VT Mode
 *tekMenu*tektextlarge*Label:    Large Characters
 *tekMenu*tekpage*Label: PAGE
 *tekMenu*tekreset*Label:        RESET
 ...

Set of get Xresources

The command to manage the content of the RESOURCE_MANAGER is :

 $ xrdb

To load a new resources, simply enter :

 $ xrdb your_resource_file

PolyXene secure Operating System

webmaster — Mon, 07 Feb 2011 08:38:00 +0100

PolyXene is a certified high-security operating system that enables secure access, from one single work station, to several distinct and non-standardized networks and to data of different sensitivity levels.

Virtualization enables the simultaneous operation of several operating systems on one single machine. As a certified confinement mechanism, virtualization authorizes functional evolution without compromising security issues.

Virtualization provides the opportunity for substantial financial savings since it enables companies to free themselves from hardware constraints (challenge for reducing of number of machines) and improve management performance through enhanced hardware administration, optimum infrastructure usage and simplified maintenance interventions. Last but not least, it provides a high-level guarantee of data integrity and security.

PolyXene is a high security operating system (CC - EAL 5), ultra-reliable operating system using multi-level technology operating in an MILS architecture (Multi Independent Levels of Security).

The aim of this technology is to secure access from one single work station to data of different sensitivity levels and to control the exchange of data of different classification levels between entities and/or storage peripherals via multi-level gateways.

PolyXene provides a set of security features :

internal and external communication control,
on-the-fly disk encryption for confidentiality and integrity,
strong authentication,
RBAC control for administration operations,
log and audit functionalities,
remote administration
...

See detailed architecture.

Sécurité et langage Java

admin admin — Thu, 03 Jun 2010 11:21:00 +0100

Un certain nombre d’idées reçues circulent sur l’apport relatif des différents langages de programmation en matière de sécurité, mais les études techniques détaillées sur le sujet sont relativement peu nombreuses. C’est une des raisons pour lesquelles l’ANSSI a choisi de lancer l’étude Javasec.

Cette étude menée par SILICOM (groupe spécialisé dans les Technologies de l'Information), AMOSSYS (société de conseil et d'expertise en Sécurité des Technologies de l'Information) et l'INRIA (IRISA plus précisément) avait pour objectif les caractéristiques et propriétés du langage Java afin de mesurer l'adéquation de celui-ci pour développer des applications de sécurité.

Cette étude s'est conclue par trois rapports :

le Rapport d’étude sur le langage Java analyse les grandes caractéristiques du langage dans une perspective de sécurité,
le Rapport sur les modèle d’exécution du langage Java qui s’intéresse notamment aux différentes conséquences de l’exécution d’applications Java en mode natif ou par interprétation sur une machine virtuelle,
un Guide de règles et de recommandations relatives au développement d’applications de sécurité en Java.

ANSSI - Sécurité et langage Java

Qubes OS and formally verified microkernel

admin admin — Fri, 28 May 2010 09:41:00 +0100

Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps.

You must have heard about it before: formally verified microkernels that offer 100% security... Why don't we use such a microkernel in Qubes then? (The difference between a micro-kernel and a type I hypervisor is blurry. Especially in case of a type I hypervisor used for running para-virtualized VMs, such as Xen used in Qubes. So I would call Xen a micro-kernel in this case, although it can also run fully-virtualized VMs, in which case it should be called a hypervisor I think.) Formally verified microkernel, by Joanna Rutkowska

Joanna Rutkowska who is the founder and CEO of Invisible Things Lab (see complete profile)

This article follows the launch of a new open source operating system,Qubes , designed to provide strong security for desktop computing. Based on Xen, Linux and the X Window System.

The system is based on the Xen architecture which allows a strong isolation of virtual machines. The end-user can own multiple virtual machines to run its applications. These virtual machines are lightweight VMs based on Linux. The system is administrated from the Dom0 virtual machine which is by definition a privileged virtual machine, but without network access to prevent remote attacks. And finally, the system uses the VT technology to run in unprivileged virtual machines the network and storage hardware support.

A specific interface allows the user to switch between these virtual machines.

The full Qubes architecture is described in this document Qubes OS Architecture.

This looks like an existing secure Operating system PolyXene, with EAL5 common criteria evaluation and formally verified code, realized by the Bertin Technologies company.

Supergeek pulls off 'near impossible' crypto chip hack

admin admin — Wed, 10 Feb 2010 08:01:00 +0000

Tarnovsky figured out a way to break chips that carry a "Trusted Platform Module," or TPM, designation by essentially spying on them like a phone conversation. ... Using off-the-shelf chemicals, Tarnovsky soaked chips in acid to dissolve their hard outer shells. Then he applied rust remover to help take off layers of mesh wiring, to expose the chips' cores. From there, he had to find the right communication channels to tap into using a very small needle. ...

Complete article

OpenBSD encrypted partition

admin admin — Mon, 25 Jan 2010 09:24:00 +0000

In this article you will find all the information to get an encrypted disk or partition (for example /home) on you OpenBSD system.

I suggest you to take a look at the previous links which give detailed information.

Applied Cryptography

webmaster — Fri, 31 Jul 2009 09:54:00 +0200

Resources to understand the basic concepts and implementations of the cryptography.

Now days, cryptography takes a growing part in the security of information technology. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering.

Cryptography is very useful to achieve the actual requirements in computer security but it is only a way to achieve security ! Usage of cryptographic concepts will not necessary make a system secure. The developer or architect must keep in mind what must be protected and understand well all the concepts to choose the right mechanisms.

This article will first intend to collect resources about cryptographic concepts (theory and implementation) and in a second part will present state of the art to achieve security (integrity, confidentiality and authenticity).

Cryptography concepts can be divided in different categories of algorithms :

Symmetric-key cryptography, often refers to encryption mechanisms and modes (block or stream ciphers). Symmetric-key cryptography uses a unique secret key.
Public-key cryptography, based on mathematical concepts which are based on the computational complexity. Common mathematical concepts are from the number theory (integer factorization problem, or discrete logarithm problem) and more recently elliptic curve cryptography. Public-key cryptography uses a public, which may be freely distributed, and a private key which must be secret.

We can distinguish many other mechanisms in cryptography which can be based on these concepts :

Pseudorandom Bits and Sequences
Stream Ciphers
Block Ciphers
Public-Key Encryption
Hash/Digest Functions and Data Integrity
Identification and Authentication
Digital Signatures
Key Establishment Protocols
Key Management and infrastructures

Basic concepts and implementations

Number-Theoretic Reference

Number-Theoretic reference often refers to arbitrary-precision arithmetic. It is a concept which allow to perform computation on big numbers whose digit precision oversteps fondamental architecture digit precision. The only limitations are the available memory and time computation.

For example, while a number is generaly represented on 32 or 64 bits, arbitrary-precision arithmetic will allow 2048 or 4096 bits representation, as used with RSA.

Good references are :

Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone (Chapter 3 in attachments).
The Art of Computer Programming (TAOCP) by Donald E. Knuth (Volume 2).

Public-Key cryptography

Coming soon.

Symmetric-Key cryptography

Coming soon.

Pseudorandom functions

Coming soon.

Block Ciphers and modes

Coming soon.

Digest Functions

Coming soon.

Import PKCS#12 certificate in Opera

webmaster — Thu, 25 Jun 2009 14:56:00 +0200

How to import a PKCS#12 certificate (including private key) with Opera 9.5 and beta 10.

Opera 9.5 and 10 (beta) have a strange behavior with PKCS#12 certificates. Indeed, many users have been blocked when importing their certificates from Internet Explorer or Firefox.

I have not found any documentation from the Opera team and any help over the Internet so I decided to post my method.

First, in your current browser export your certificate as a PKCS#12 certificate. Suppose you have your PKCS#12 certificate which includes a private key.

If i try to import it with opera I have the following error :

The key of the certificate was encrypted using an unsupported method, possibly one that is not considered strong enough.

Let's see what openssl says about our certificate :

$ openssl pkcs12 -in certificate.p12 -info
Enter Import Password:
MAC Iteration 1
MAC verified OK
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 1
Bag Attributes
    friendlyName: Certificat import
    localKeyID: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx 
Key Attributes: <No Attributes>
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,XXXXXXXXXXXXXXXX

...
-----END RSA PRIVATE KEY-----
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 1
Certificate bag
Bag Attributes
    friendlyName: Certificat import
    localKeyID: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx 
subject=/O=xxxx/OU=xxxx/CN=xxxx
issuer=/O=xxxx/OU=xxxx
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

Then the certificate export as a PEM file :

$ openssl pkcs12 -in certificate.p12 -nokeys -out cert.pem
Enter Import Password:
MAC verified OK

Then the private key export as a PEM file :

openssl pkcs12 -in certificate.p12 -nocerts -out key.pem 
Enter Import Password:
MAC verified OK
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:

Now we have the certificate and the private key as PEM files :

$ ls
certificate.p12  cert.pem  key.pem

The last step, create a valid PKCS#12 Opera certificate :

$ openssl pkcs12 -export -in cert.pem -inkey key.pem -descert -out new-certificate.p12
Enter pass phrase for key.pem:
Enter Export Password:
Verifying - Enter Export Password:

What are the differences with the initial PKCS#12 certificate ? Initial :

MAC Iteration 1
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 1
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 1

Final :

MAC Iteration 2048
PKCS7 Encrypted data: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048

Opera requires a high level of security, PKCS#12 certificates must be conform with RC2-40.

You will now be able to import the certificate !!

Mount OpenBSD NFS export from GNU/Linux

webmaster — Thu, 12 Mar 2009 11:48:00 +0100

Mouting an OpenBSD NFS export from a GNU/Linux client fails with mount.nfs: mount system call failed

I decided to write this small tip because I have been confronted to this problem recently and browsing forums over the net didn't help me.

So, suppose you have an OpenBSD (4.4) server with the following (very simple) NFS exports :

 # NFS exports Database
 # See exports(5) for more information.  Be very careful:  misconfiguration
 # of this file can result in your filesystems being readable by the world.
 /mnt/exp1 192.168.0.2 
 /mnt/exp2 192.168.0.2

Portmap, mountd and nfs are running, You can update your exported directories with the following command :

 $ sudo pkill -HUP mountd

To check your exported mount points, on your server or client :

 $ sudo showmount -e server_ip
 Exports list on server_ip:
 /mnt/exp1                           192.168.0.2
 /mnt/exp2                           192.168.0.2

Fine, now the main purpose of this tip is how to mount these exports from a GNU/Linux system, and in my case a Debian SID system ?

When trying to mount one of the exports from a GNU/Linux client I get :

 $ sudo mount server_ip:/mnt/exp1 /tmp/test
 (command do not respond during seconds ....)
 mount.nfs: mount system call failed
 $

After analyzing OpenBSD and GNU/Linux man pages, testing many options I finaly use tcpdump to check the communication between the client and the server. Unlike OpenBSD, GNU/Linux is not configure by default to use secure ports (<1024), but this was not the problem because tcpdump shew that portmap bound the rigth port for mountd.

The solution is simple, OpenBSD uses udp by default for NFS, so you must specify the udp protocol while mounting the export from a GNU/Linux client.

You must use the following command :

 $ sudo mount -o proto=udp server_ip:/mnt/exp1 /tmp/test

Or in you /etc/fstab file add this line :

 server_ip:/mnt/exp1    /mnt/local_exp1      nfs     proto=udp,other_options            0     0

Blog update to Dotclear v2

webmaster — Fri, 30 Jan 2009 00:28:00 +0100

Hi all,

i am currently updating the site to Dotclear v2.
It will probably happen some malfunctioning, so I apology in advance.
I expect you will enjoy the new site and the new theme.

Any comments are welcome !!

Thanks.

Virtualizing the Trusted Platform Module

webmaster — Sun, 07 Sep 2008 17:42:00 +0000

Based on the IBM Research Report on vTPM, this article intends to detail the concepts of a TPM emulation on virtualized context.

Introduction

The goal of this article is to present the IBM Research Report about the vTPM: Virtualizing the Trusted Platform Module (see Attachments).

The main goal is to mix two important technologies : Virtualization and Trusted Computing or specifically the Trusted Platform Module.

These two technologies can ensure complementary requirements :

Virtualization for the high availability, the integrity and the isolation of each virtual machine.
TPM for the security, the chain of trust and the remote attestation.

Virtualizing the TPM is required to provide TCG services in the virtual machines. The virtualization base system should handle the TPM device for its usage and export to each virtual machine a TPM emulated device to extend the chain of trust. So each virtual machine will be able to use the cryptographic resources, store secret objects realize remote attestations ...

The first requirement is then to ensure the same level security provided by the hardware TPM for the virtualized TPMs. Moreover, new requirements are introduced due to the specificities of a virtualized architecture.

The TPM virtualization architecture will propose answers to the following technical requirements :

How to implement a full chain of trust, from the hardware root of trust to the virtual machines through the hypervisor ?
How to implement a full featured TPM device in the virtual machines ?
How to migrate a virtual host, including its TPM associated data ?
How to support remote attestation including the full virtualized system and environment ?

Architecture

The vTPM implementation is composed of :

a vTPM manager which manages the hardware TPM and provide services to manages multiple TPM emulated devices,
a vTPM instance for each virtualized host, which implements the full TCG TPM 1.2 specification,

The architecture is based on a client/server model. Each virtualized host communicates through a client TPM driver. The server TPM driver runs in the virtual host where is implemented the vTPM.

Associating vTPM instances with their VM :

Association between a vTPM and a VM is a one to one association. This association is maintained during the lifetime of the VM. This is a security requirement because vTPM manages secret objects owned by the VM.

Hardware Secure Co-processor support :

The architecture must also support a vTPM subsystem embedded in a hardware secure co-processor (see next figure). The first VM is the owner of the hardware and uses a vTPM instance for its own purpose. A proxy is implemented in the first VM to forward all VM commands to the hardware card.

Root vTPM instance :

First, two requirements are exposed :

API used by the application must keep the same for a software or a hardware implementation. In all cases the common point is to use a dedicated VM to provide the virtual TPM functionalities.
Modern virtualization systems provide migration capabilities. For example export a VM from a host to another one. In the context of a vTPM instance it should be interesting to keep association between the VM and its vTPM during the process of migration. But it is important to guarantee the authenticity and the confidentiality of the data.

So, the architecture of the virtual TPM will be designed as follows. A virtual TPM is a TPM capable of generating new vTPM childs. This means that a system must always provide a Root vTPM instance with cryptographic functions to generate keys, encrypt data, migrate keys between instances ... This Root instance will provide the mechanisms to store and encrypt the state of a vTPM for a migration process.

These functionalities are only available from the root instance and especially to the owner of the root instance. All extented commands require the owner authorization (owner's password). Furthermore, the concept if privileged instance has been introduced. A privileged instance is capable to spawn and manage new child instances. This privilege is inherited and can be passed to a child instance. This mechanism offers advanced features to create a complexe hierarchy of vTPM.

Independent key hierarchy :

Each vTPM has a Storage Root Key (SRK) as root for its key hierarchy and an Endorsment Key (EK). To allow instance and vTPM migration, these keys are unlinked from the key hierarchy of a TPM hardware component. This also allows faster key management and cryptographic operations.

However, if the SRK, EK and other data of virtual TPM are stored in a persistend storage, they must be stored encrypted with a key stored in the hardware TPM device. This symmetric key must be sealed or protected with a password.

Extended command set

The vTPM specifications add a set of commands to the TPM 1.2 specifications.

vTPM management commands to manage the life-cycle of a vTPM : CreateInstance, DeleteInstance, SetupInstance. SetupInstance is used to setup a vTPM and prepare it with the right PCR values.
vTPM migration commands : GetInstanceKey, SetInstanceKey, GetInstanceData, SetInstanceData.
vTPM utility commands : TransportInstance, LockInstance, UnlockInstance, ReportEnvironment. TransportInstance is a specific command to create a communication tunnel between an instance and one of its child instances.

vTPM migration

The vTPM migration capability is provided by a secure protocol which ensure authenticity and confidentiality. Symmetric and assymetric keys are used to encrypt the vTPM state on the source virtual TPM and decrypt it on the destination virtual TPM. The migration process is based on the following protocol :

Linking a vTPM to its TCB

Trust in the Virtual Machine is not necessary because it runs in a virtualizion system, controlled by an hypervisor. Then the trust in the VM is interesting only if the trust in the environment (TCB, hypervisor...) is guarantee. For this reason the chain of trust must be guaranteed from the hardware TPM to the vTPM, from the TCB to the VMs.

So, the architecture proposed provides in the vTPM PCRs a merged version of the measures. A lower set of PCRs in the vTPM shows measures from the hardware TPM and the upper the measures for the VM. By this way, a challenger can see all relevant measures during a remote attestation. The next figure shows an example of this mechanism.

Implementation for Xen

 To be continued ... (see Attachments for details)

Bibliography

Linux Broadcom TIS TPM

webmaster — Sat, 05 Jul 2008 13:01:00 +0000

This article gives additional informations to use the Broadcom TPM BCM0102 with the TIS driver. This TPM is included in my DELL Latitude D630 laptop.

The Linux kernel provides a default driver to user TPMs which are strictly conform with the standard. It is the tpm_tis module driver, but it actually does not contain all component references (HID).

So the following patch adds Broadcom TPM TIS device HID : BCM0102.

(See this post for more information How to use a TPM with Linux).

How to use a TPM with Linux

webmaster — Fri, 04 Jul 2008 11:29:00 +0000

The goal of the article is to offer a simple tutorial to use your onboard TPM to secure your system. The TPM can offer security for a trusted boot and create a chain of trust for over applications.

The Hardware

There are already many versions of TPM standard. The first versions were not all compatible (from Atmel, STM, Infineon...), therefore since the 1.2 version of the standard it seems we have a consensus.

So, we will see the procedure to use a 1.2 TPM.

I have for example a DELL Optiplex 755 which provides a ST Microelectronics TPM conform with version 1.2. This conformance is important since the Linux kernel does not provide a specific implementation for all chips.

You can see what TPMs are supported with your kernel version with the following command :

 $ ls -la /lib/modules/`uname -r`/kernel/drivers/char/tpm
 drwxr-xr-x 2 root root  4096 2008-06-24 10:33 .
 drwxr-xr-x 9 root root  4096 2008-06-24 10:33 ..
 -rw-rr 1 root root  9012 2008-06-18 20:13 tpm_atmel.ko
 -rw-rr 1 root root 10960 2008-06-18 20:13 tpm_bios.ko
 -rw-rr 1 root root 13440 2008-06-18 20:13 tpm_infineon.ko
 -rw-rr 1 root root 20392 2008-06-18 20:13 tpm.ko
 -rw-rr 1 root root 10712 2008-06-18 20:13 tpm_nsc.ko
 -rw-rr 1 root root 17432 2008-06-18 20:13 tpm_tis.ko

The tpm_tis module is the generic one to use fully 1.2 compatible TPMs. We will use this one.

The BIOS

Before doing anything, you must enable the TPM in the BIOS of your motherboard. If you need to reset the TPM BIOS, this usually requires a full power off and back on of the computer.

Linux kernel

We use two generic modules tpm_bios and tpm and the specific one tpm_tis.

First load the generic modules :

 $ sudo modprobe tpm_bios
 $ sudo modprobe tpm

And then the tpm_tis module with specific parameters. In fact, we user the force option to probe rather than using the ACPI entry and the interrupts option to desactivate the IRQ.

 $ sudo modprobe tpm_tis force=1 interrupts=0
 $ dmesg
 ...
 [xxx.yyy] tpm_tis tpm_tis: 1.2 TPM (device-id 0x4A10, rev-id 78)

If you have something like this, all works fine !

If your TPM does not seem to be detected go to the last section Kernel development corner.

TPM management tools

There are many softwares to manage your TPM, the more efficients I think are TrouSerS and Trusted Computing for the Java(tm) Platform.

In this tutorial, we will use TrouSerS . It provides an open-source TCG Software Stack and many TPM tools.

So, we will no see how to take ownership and initialize your TPM. We will use the TPM tools provided with TrouSerS, you can refer to your local manpages of to this documentation.

Prepare the tools

Tools installation :

 $ sudo aptitude install tpm-tools trousers

Trousers is daemon which centralize all the communication with the TPM. All communication are base on Local or Remote Procedure Call (RPC). You can restrict its usage to local programs. First of all, check if it is running :

 $ sudo /etc/init.d/tcsd start

Check if the TPM is accessible :

 $ sudo tpm_version
     TPM Version:    01010000
     Manufacturer Info:    53544d20

Initialize the TPM

So the first step is to take ownership. This operation will prompt for owner and SRK passwords which are very important and must not be lost.

 $ sudo tpm_takeownership
 Enter owner password: xxxxxx
 Confirm password: xxxxxx
 Enter SRK password: yyyyyyyy
 Confirm password: yyyyyyyy

Ownership can only be realized once, any other attempt will fail.

The operation may take awhile, the TPM is generating an initializing some internal cryptographic values. The owner password is for adminstration and other sensitive tasks. The SRK is the Storage Root Key which will be required whenever you load a key into the TPM.

If you have the following error :

 Tspi_TPM_GetPubEndorsementKey failed: 0x00000023 - layer=tpm, code=0023 (35), No EK

This is because your TPM does not have an Endorsement Key. Then, launch the following command which will take awhile :

 $ sudo tpm_createek

Now the TPM has an owner, we can get the Public Endorsement Key. The Endorsement Key is typically a 2,048-bit RSA public and private key pair, which is created randomly on the chip at manufacture time and cannot be changed. The private key never leaves the chip, while the public key is used for attestation and for encryption of sensitive data sent to the chip.

To get the public key, your owner password will be required :

 $sudo tpm_getpubek
 Tspi_TPM_GetPubEndorsementKey failed: 0x00000008 - layer=tpm, code=0008 (8), 
                        The TPM target command has been disabled
 Enter owner password: 
 Public Endorsement Key:
   Version:   01010000
   Usage:     0x0002 (Unknown)
   Flags:     0x00000000 (!VOLATILE, !MIGRATABLE, !REDIRECTION)
   AuthUsage: 0x00 (Never)
   Algorithm:         0x00000020 (Unknown)
   Encryption Scheme: 0x00000012 (Unknown)
   Signature Scheme:  0x00000010 (Unknown)
   Public Key:
 	a71def6a f09b39cb e0e55779 b1e6dfe5 26ca2278 b6fce7cf f1c242c5 545694d8
 	1a5804ad 5a3b1d5c c18c3d93 fda2e201 78a86e4e c93e4bb7 e1851eab ca98cbe5
 	81c06522 1357777c e0e55779 1bac9e9c 8208f203 f1477705 0317fe2b db233d4d
 	a71def6a f09b39cb e0e55779 b1e6dfe5 26ca2278 b6fce7cf f1c242c5 545694d8
        [...]

TrustedGrub

Introduction

TrustedGRUB is an extension of the standard GRUB bootloader. It has been modified to detect and support the TPM functionalities. The main feature of TrustedGRUB is to measure arbitrary files during the boot process and extend the Platform Configuration Registers (PCR).

PCR are registers inside the TPM memory which are updated at each boot.

The PCR are used as follow :

PCR 0 to 3 for the BIOS, ROMS...
PCR 4 contains MBR information and stage1
PCR 8 contains bootloader information stage2 part1
PCR 9 contains bootloader information stage2 part2
PCR 12 contains all commandline arguments from menu.lst and those entered in the shell
PCR 13 contains all files checked via the checkfile-routine
PCR 14 contains all files which are actually loaded (e.g., Linux kernel, initrd, modules...)
PCR 15 to 23 are not used

You can see your currents PCR values with the following command :

 $ sudo cat /sys/class/misc/tpm0/device/pcrs 
 PCR-00: 9C 22 FD 7F A5 88 83 75 13 74 CD DD 12 EA 7B 40 F6 AD F5 F7 
 PCR-01: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
 PCR-02: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
 PCR-03: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
 PCR-04: 44 85 2F BD 5D 44 F9 5B 5E D3 97 16 DF 8E 3C 6E BE 63 A1 20 
 PCR-05: 19 0A 15 23 AF AC 1D C2 6D 48 AA 3D AE 50 FF 89 AE 79 F2 98 
 PCR-06: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
 PCR-07: A8 9F B8 F8 8C AA 95 90 E6 12 9B 63 3B 14 4A 68 51 44 90 D5 
 PCR-08: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
 PCR-09: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
 PCR-10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
 PCR-11: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
 PCR-12: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
 PCR-13: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
 PCR-14: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
 PCR-15: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
 ...

PCR up to 8 are not extended without any compliant boot loader.

Installation

So, you can download the latest version of TrustedGrub at the following address.

The procedure is the following :

 $ tar -xzvf TrustedGRUB-1.1.3.tgz
 $ cd TrustedGRUB-1.1.3/

Read the file README.tGRUB, you need some specific tools to compile it :

 $ sudo aptitude install aclocale automake autoconf gcc

Then start compiling :

 $ ./build_tgruib.sh
 - Deflating TrustedGRUB
 - Configuring TrustedGRUB
 - Compiling TrustedGRUB

Then, before installing anything copy your actual configuration and prepare a liveCD ;)

 $ sudo mv /boot/grub /boot/grub_old

Remove you actual Grub version :

 $ sudo dpkg -r grub

And then install the new one :

 $ cd TrustedGRUB-1.1.3/
 $ sudo make install

And copy the files for the boot process :

 $ sudo mkdir /boot/grub
 $ sudo cp ../default /boot/grub/
 $ sudo cp stage1/stage1 /boot/grub
 $ sudo cp stage2/stage2 /boot/grub

Copy your old menu list :

 $ sudo cp /boot/grub_old/menu.lst /boot/grub

And finally install Grub :

 $ sudo grub
 root (hdX,Y)
 setup (hdX)

Where X is the disk number and Y the partition number (generally X=0 and Y=0).

You can now restart with a new TrustedGRUB !!

Chain of trust and integrity checking

After restarting the system we can list the PCR and see how they are updated. But the TPM is only a passive component, the security must be ensured by the software at each step. For this reason, new versions of TrustedGRUB come with to additional functionalities :

the checkfile option
the pcr_verify utility.

The checkfile allows to specify in the /boot/grub/menu.lst file, additional files or programs to check at startup. Grub will extend the PCR-13 with a SHA1 of these files.

The first thing to do is to indicate to grub to verify additional files, and where found them (disk and path) :

 title  TrustedGRUB Test
 root  (hd0,0)
 kernel  /boot/vmlinuz-2.6.xx ro quiet splash
 initrd  /boot/initrd.img-2.6.xx
 checkfile (hd?,?)/somewhere/check.file
 quiet

Then, create the file /somewhere/check.file, with the following content :

 fedb1cff009e115f7f5f7b4533667a787798832d (hd0,1)/test1.file
 485214eab2de87284de9d4e323e428bf60e0aa77 (hd0,1)/grub-0.92.tar.bz2
 a6e171e989849dd44735a513c4270a0837c09174 (hd0,1)/test2.file

You must respect the following constraints :

The check file MUST NOT be larger than 8096 Bytes.
The first component is a 40 byte alphanumeric value, created with sha1sum.
The second component has to be the driver followed by the absolute path of the file.
Each line must end with an end-line character.

If you use a wrong syntax your system will not boot !!

TSS Stack

The TrouSerS software suite provides an open-source TCG Software Stack. It is licensed under the Common Public License (CPL).

TrouSers provides the following services :

RSA key pair generation
RSA encryption and decryption using PKCS v1.5 and OAEP padding
RSA sign/verify
Extend data into the TPM's PCRs and log these events
Seal data to arbitrary PCRs
Random Number Generation
RSA key storage

To install it, proceed as the following :

 $ sudo aptitude install trousers

The TSS stack is designed to be used locally or remotely. If you want to allow remote commands you must update the configuration file located in /etc/tcsd.conf :

 $ sudo more /etc/tcsd.conf
 ...
 # Option: remote_ops
 # Values: TCS operation names, separated by commas (no whitespace)
 # Description: A list of TCS commands which will be allowed to be executed
 #  on this machine's TCSD by TSP's on non-local hosts (over the internet).
 #  By default, access to all operations is denied.
 #
 # possible values:  seal - encrypt data bound to PCR values
 #		    unseal - decrypt data bound to PCR values
 #		    registerkey - store keys in system persistent storage Disk write access!
 #		    unregisterkey - remove keys from system persistent storage Disk write access!
 #		    loadkey - load a key into the TPM
 #		    createkey - create a key using the TPM
 #		    sign - encrypt data using a private key
 #		    random - generate random numbers
 #		    getcapability - query the TCS/TPM for its capabilities
 #		    unbind - decrypt data
 #		    quote - request a signed blob containing all PCR values
 #		    readpubek - access the TPM's Public EndorsementKey
 #		    getregisteredkeybypublicinfo - Search system persistent storage for a public key
 #		    getpubkey - Retrieve a loaded key's public data from inside the TPM
 #		    selftest - execute selftest and test results ordinals
 #
 remote_ops = <UPDATE HERE>

All these functionalities can be accessed locally with the tpm_tools but for a more convenient usage, it exists a graphical user interface : ''TPM Keyring''.

To compile this software will be need additional packages :

 autotools-dev
 libltdl3-dev
 libtool
 automake
 autoconf
 swig
 qt3-devel
 openssl-devel
 gtk2-dev
 python-dev
 python-gtk2-dev
 python-all-dev

Then run :

 $ cvs -d:pserver:anonymous@trousers.cvs.sourceforge.net:/cvsroot/trousers co applications/tpm_keyring2
 $ cd applications/tpm_keyring2/

To compile tpm_keyring on Ubuntu you must edit the ''Makefile' file and replace :

 PYTHON_INCLUDES=-I/usr/include/python

with

 PYTHON_INCLUDES=-I/usr/include/python2.5

 PYTHON_INCLUDES=-I/usr/include/python2.4

depending on the version you use.

Then :

 $ make

You can now run tpm_keyring :

 $ ./tpm_keyring

For more information please refer to the following tutorial.

Kernel development corner

Will be updated soon.

By default, the Linux kernel gets in the ACPI tables the information about the supported TPM available on a platform. Even if the TPM device can be found in the ACPI tables, the driver will not find the device if its identifier is not referenced. Most of the TPMs are compatible with the standard tpm_tis module driver but the kernel does not reference all new hardware components. For many of them, the support concists in adding the device HID in the module source.

For example, the Linux kernel version 2.6.25.9 has the following HID :

 in file drivers/char/tpm/tpm_tis.c
 [...]
 static struct pnp_device_id tpm_pnp_tbl __devinitdata = {
 	{"PNP0C31", 0},		/* TPM */
 	{"ATM1200", 0},		/* Atmel */
 	{"IFX0102", 0},		/* Infineon */
 	{"BCM0101", 0},		/* Broadcom */
 	{"NSC1200", 0},		/* National */
 	/* Add new here */
 	{"", 0},		/* User Specified */
 	{"", 0}			/* Terminator */
 };
 [...]

To get all information about your TPM device, you can use a tool iasl, provided by The ACPI Component Architecture Project. This tool is a compiler which allows you yo disassemble the binary ACPI table and dump them in a readable text format.

You can download it here : UNIX Format Source Code and Build Environment.

To compile iasl :

 $ tar -xzvf acpica-unix-20080609.tar.gz
 $ cd acpica-unix-20080609/compiler
 $ make

First get a local copy of your ACPI tables :

 $ sudo cp /proc/acpi/dsdt .
 $ sudo chmod a+r dsdt

To get all informations from the ACPI tables run the following command to disassemble :

 acpica-unix-20080609/compiler/iasl -d dsdt
 
 Intel ACPI Component Architecture
 AML Disassembler version 20080609 Jun 13 2008
 Copyright (C) 2000 - 2008 Intel Corporation
 Supports ACPI Specification Revision 3.0a
 
 Loading Acpi table from file dsdt
 Acpi table DSDT successfully installed and loaded
 Pass 1 parse of DSDT
 Pass 2 parse of DSDT
 Parsing Deferred Opcodes (Methods/Buffers/Packages/Regions)
 ....................................................................................

 Parsing completed
 Disassembly completed, written to "dsdt.dsl"

You now have a text readable version of your ACPI tables in the file dsdt.dsl.

Search the word TPM in the file, you will have a section starting with something like :

 Device (TPM)
                 {
                     Name (_HID, EisaId ("BCM0102"))
                     Name (_CID, EisaId ("PNP0C31"))
                     Method (_STA, 0, NotSerialized)
                     {
                         SX10 ()
                         SX30 (0x0E)
                         SX11 ()
                         Store (SX42 (), Local0)
                         SX12 ()
                         Return (Local0)
                     }
 [...]

The line containing your device HID is the following :

 Name (_HID, EisaId ("BCM0102"))

Add the value BCM0102 in the pnp_device_id structure of the tpm_tis module to support your TPM device. (See this post for an example Broadcom TPM with DELL Latitude D630).

And recompile the module to test !!

Bibliography

Les logiciels libres & GNU/Linux

webmaster — Thu, 03 Jul 2008 22:14:37 +0000

Le but de ce rapport est d'avoir une vue globale des logiciels libres, de la philosophie, des acteurs et de voir dans quels secteurs économiques des changements sont à venir.

Rapport datant de février 2002.

Accessible ici.

VIA C7 Padlock on Debian Etch

webmaster — Wed, 02 Jul 2008 01:08:43 +0000

This article explains :

How to configure the kernel to activate Padlock
How to configure OpenSSL to use the hardware engine
How to configure OpenSSH to use OpenSSL Padlock engine

First of all you will find all references on these web sites :

Linux Kernel

Kernel 2.6.25 has driver for AES, SHA1 and SHA256 in VIA C7 PadLock out of the box. No need to patch it anymore.

When configuring the kernel with for example :

 $ sudo make menuconfig

Set the following options :

 -*- Cryptographic API
 -*- Hardware Cryptographic devices --->
 <M> Support for VIA PadLock ACE
 <M>     PadLock driver for AES algorithm
 <M>     PadLock driver for SHA1 and SHA256 algorithms

Then compile the kernel in the standard debian way :

 $ sudo make-kpkg clean
 $ sudo fakeroot make-kpkg --revision=custom.1.0 kernel_image
 $ sudo dpkg -i ../kernel-image-2.6.25_custom.1.0_i386.deb
 $ sudo mkinitramfs-kpkg -o /boot/initrd.img-2.6.25_custom.1.0 2.6.25_custom.1.0

And edit Grub to add the line for the initrd, something like that :

 title Debian GNU/Linux, kernel 2.6.25_custom.1.0
 root (hd0,0)
 kernel /boot/vmlinuz-2.6.25_custom.1.0 root=/dev/sda1 ro
 initrd /boot/initrd.img-2.6.25_custom.1.0
 savedefault

You can now reboot.

To activate the PadLock optimizations, if you compiled as modules try :

 modprobe padlock_aes padlock_sha

Or add the modules to "/etc/modules".

Linux RNG Entropy

One of the most important think in cryptography is to ensure efficiency of the RNG source. If fact, all initialization vectors, all keys, all random numbers, all prime values ... are generated using data from the RNG source.

The VIA C7 provides a hardware RNG which can be used to add entropy to Linux random source.

To do that, first load the VIA RNG (and add it in "/dev/modules") :

 $ modprobe via_rng

Install rngd, which checks the randomness of hwrng data (VIA hardware RNG) and forwards them into the kernel's pseudo-RNG.

 $ apt-get install rng-tools

And configure the daemon to use the VIA hardware RNG by default, add in file "/etc/default/rng-tools" :

 RNGDOPTIONS="--hrng=via"

And restart the daemon :

 $ sudo sudo /etc/init.d/rng-tools restart

This should now speedup key generation mechanisms (ssh-keygen, OpenSSL Certificates/Keys generation, PGP keys... ).

OpenSSL

The default OpenSSL version packaged with Debian allows do dynamically load engines. So, we will not build a new OpenSSL package but only the padlock engine.

First install the required development packages :

 $ sudo apt-get install build-essential fakeroot
 $ sudo apt-get build-dep openssl
 $ apt-get source openssl

Then we will patch OpenSSL and compile the engine :

 $ cd openssl-0.9.8c
 $ wget http://www.logix.cz/michal/devel/padlock/openssl098-padlock-shared-move.diff | patch -p1
 $ ./Configure
 $ cd engines
 $ make

And create the shared library :

 $ gcc -shared -o libpadlock.so e_padlock.o -L ../.. -lcrypto

Now copy the engine library to the default library :

 $ sudo cp libpadlock.so /usr/lib/ssl/engines/libpadlock.so

And update OpenSSL configuration (/etc/ssl/openssl.cnf) to add the following lines :

 oid_section		= new_oids
 
 ## New entries after this line
 openssl_conf = openssl_def
 
 [openssl_def]
 engines = openssl_engines
 
 [openssl_engines]
 padlock = padlock_engine
 
 [padlock_engine]
 default_algorithms = ALL

To check if all works perfectly try :

 $ sudo openssl engine padlock
 (padlock) VIA PadLock (no-RNG, ACE)

see this site for benchmarks.

OpenSSH

The problem is that OpenSSH does not use (in the version provided with Etch) by default the OpenSSL engines. So for all cryptographic operations the Padlock engine is not use. The current OpenSSH version is 4.3p2 but the patch for "4.5p1" works perfectly.

First, we will prepare the build environment :

 $ sudo apt-get install build-essential fakeroot
 $ sudo apt-get build-dep openssh
 $ apt-get source openssh
 $ cd openssh-4.3p2
 $ wget http://www.logix.cz/michal/devel/padlock/contrib/openssh-4.5p1-engines.diff | patch -p1
 $ fakeroot debian/rules binary

And then install the debian packages, for example SSH client and server :

 $ dpkg -i openssh-server_4.3p2-9etch2_i386.deb openssh-client_4.3p2-9etch2_i386.deb

Conclusion

OpenSSL and OpenSSH are now configured to use Padlock, but instead if OpenSSL selects by default the Padlock engine, the programs which use the library must explicitly activate the use of engines. So, applications which use OpenSSL to provide cryptographic mechanisms must support OpenSSL engine mechanism. It exists patches for many applications (postfix, courrier-imap ...).

The support concists in explicitly load the available hardware cryptographic engines when initializing OpenSSL. For example :

 /* Init available hardware crypto engines. */
 ENGINE_load_builtin_engines();
 ENGINE_register_all_complete();

And eventually set the "padlock" engine by default :

 /* Init available hardware crypto engines. */
 ENGINE_load_builtin_engines();
 ENGINE_register_all_complete();
 ENGINE_set_default_ciphers(ENGINE_by_id("padlock"));

Monitor mode with a Wireless Intel Corporation PRO/Wireless 3945ABG Network card

webmaster — Thu, 22 May 2008 21:21:14 +0000

The default driver Linux driver iwl3945 does not accept monitor mode anymore. This tutorial explains how install the ipwraw driver instead.

So, if you run a lspci command you should have something like :

 0c:00.0 Network controller: Intel Corporation PRO/Wireless 3945ABG Network Connection (rev 02)

This is the case on my DELL LATITUDE D630 laptop.

If you wish to use software like Aircrack-NG, the following error occurs when passing to the monitor mode (for promiscuous mode for example) :

 $sudo airmon-ng
 Interface	Chipset		Driver
 wlan0			iwl3945 - phy0
 $sudo airmon-ng start wlan0
 Interface	Chipset		Driver 
 wlan0			iwl3945 - phy0/usr/sbin/airmon-ng: 833: cannot create /sys/class/ieee80211/phy0/add_iface: Directory nonexistent
 Error for wireless request "Se@ Mode" (8B06) :
 SET failed on device mon0 ; No such device.
 mon0: ERREUR en récupérant les signaux de l'interface: Aucun périphérique de ce type 
 (monitor mode enabled on mon0)

The procedure has been tester on Ubuntu Hardy Heron, but can be easily used with other distribution.

Installation of the required packages

To check the monitor mode :

 sudo aptitude install aircrack-ng macchanger

In order to build the new driver :

sudo aptitude install linux-headers-`uname -r` build-essential libssl-dev macchanger

Build the ipwraw driver

First download the latest version of the driver at the following address : http://dl.aircrack-ng.org/drivers/

 wget http://dl.aircrack-ng.org/drivers/ipwraw-ng-2.3.4-04022008.tar.bz2

Then build the driver and firmware :

 tar -xjf ipwraw-ng*
 cd ipwraw-ng*
 make
 sudo make install
 sudo make install_ucode

Blacklist the ipwraw driver since we don't want to load it at start, it is only for monitor purpose :

 echo blacklist ipwraw | sudo tee /etc/modprobe.d/ipwraw

And finally update module dependencies :

 sudo depmod -ae

Use ipwraw driver

First unload the current wifi driver :

 @@modprobe -r iwl3945

And load the ipwraw driver, which by default allow monitoring :

 modprobe ipwraw

Now use iwconfig to check if the interface has been created, you should have something like :

 $sudo iwconfig
 lo        no wireless extensions.
 
 eth0      no wireless extensions.
 
 wifi0     unassociated  ESSID:off/any
           Mode:Monitor  Channel=1  Bit Rate=54 Mb/s
           
 rtap0     no wireless extensions.

You can now use aircrack-ng to secure your wireless connection. When you stops monitoring you wifi, you should unload the ipwraw driver and load the default one (iwl3945).

Linux Security Tools

webmaster — Fri, 04 Apr 2008 22:20:56 +0000

In this article, you will learn about some of the most important Linux security tools. The goal is not to explain how to use them but only propose a list with references which will be updated frequently.

Nmap Security Scanner

Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and both console and graphical versions are available.

Nessus Vulnerability Scanner

Nessus is a free comprehensive vulnerability scanning software. Its goal is to detect potential vulnerabilities on the tested systems. In typical operation, Nessus begins by doing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap 1) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction.

Clam AntiVirus

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library.

Chkrootkit

chkrootkit is a tool to locally check for signs of a rootkit. It contains shell script that checks system binaries for rootkit modification, modules to check if the interface is in promiscuous mode, to check for lastlog deletions, to check for wtmp deletions, to check for signs of LKM trojans, to check dirty strings replacement and more.

Wireshark

Wireshark is a very popular network protocol anyalizer that has a varaiety of security features including a packet browser, live capture and offline analysis and more. Basically, Wireshark captures packets going across the network and displays them to you with as much detail possible.

SSH Dictionary Attack Prevention with iptables

webmaster — Thu, 03 Apr 2008 01:33:23 +0000

Once you have a SSH server available on internet, you are exposed to SSH brute-force attacks which are rather annoying. It is frequent to observe thousand of connexion attempts with multiple common login and password. This article intends to solve this problem with specific iptables rules.

A good SSH configuration first restrict access by defining the users which are allowed to login in. This is realized with the AllowUsers directive, like this :

 AllowUsers my_user1, my_admin1

The directive can also be used to match specific host source connexion, accepting for example the root login from a specific host

 AllowUsers root@an-IP

However, this directive do not prevent a malicious user to operate a dictionary attack, and if no counter-measure is use the attacker can try as many login/password couple from various IP. Attacks are generally realized by bots and the following solution help reducing dramatically the attempts.

It exists many softwares to analyze logs or daemons to monitor connexions to a port or to a range of ports but I think that the most easy-to-use, and the method which demand few memory/CPU usage uses the IPTables/Netfilter Recent module.

Configuration is as simple as the following iptables rules :

 iptables -N SSH_MONITOR
 iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_MONITOR
 iptables -A SSH_MONITOR -m recent --set --name SSH
 iptables -A SSH_MONITOR -m recent --update --seconds 60 --hitcount 3 --name SSH -j DROP

These rules allow :

Creating a chain SSH_MONITOR to mark all incoming SSH connection.
Accept no more than 3 attempts within a 60 seconds window.
Drop all connexions that match the condition.
State is cleared when a connexion success.

This will help protecting your system, your passwords but you will always need to change them frequently.

Secure Deletion of memory

webmaster — Mon, 03 Mar 2008 21:58:27 +0000

With the use of disk encryption softwares to protect data on mobile computer, how can you be sure to ensure data confidentiality ? What is the threat if an attacker gain access to sensitive data which was supposed to be erased. ?

Un récent article Lest We Remember: Cold Boot Attacks on Encryption Keys réalisé dans le cadre du CITP, semble relancer la problématique de l'effacement sécurisé des données stockées en mémoire. Même si la problématique n'est pas nouvelle, elle touche aujourd'hui les problématique

La menace mise en avant par ce type de problématique est la possibilité qu'un attaquant puisse accéder à une donnée que l'on croyait détruite :

sur un stockage persistant (disque magnétique)
sur un stockage volatile (RAM après la coupure de la machine).

Cet article traite du second cas, et particulièrement de la catégorie des mémoires vives (RAM) des ordinateurs portables. Il illustre par une vidéo comment un attaquant peut accéder à une clef de chiffrement des disques contenue dans la mémoire vive après arrêt de l'ordinateur. Certaines expériences ont montré la rémanence des données plusieurs minutes après arrêt.

Un précédent article datant de 1996, Secure Deletion of Data from Magnetic and Solid-State Memory de Peter Gutmann décrivait la problématique du premier cas et introduisait quelques mécanismes de prévention. Il introduisait également la problématique de la rémanence des données des mémoires de type RAM.

Mais aucune contre-mesure logicielle ne permet de se prémunir de l'arrêt brutal de l'ordinateur. Les solutions de type TPM ne proposent pas de mécanisme adéquat, la clef doit toujours être chargée en mémoire, la menace reste identique. La solution se trouverait probablement du côté des cartes PCI de chiffrement ou les mémoires chiffrées ... quand les processeurs grand marché le permettront ...

En attendant, restez devant votre portable quelques minutes après l'arrêt :-)

Lancement du site

webmaster — Mon, 03 Mar 2008 21:15:36 +0000

Bienvenue à tous en cette fin de soirée, ce premier post marque le lancement du site GouNation. Le premier pas est fait, mais le plus important est à venir !!