l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
July 21: Defensive computing: Information security for individuals
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2010 Dec 20 14:29

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Security in space!!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Security in space!!



On Mon, Dec 20, 2010 at 12:00 PM,  <vox-tech-request@lists.lugod.org> wrote:
>> Not physical access--it's hanging out 25,000 miles up in the air--so
>> much as information leakage.  The threat has to do with possibly
>> classified information leaking out.  Suppose that our hypothetical
>> Linux-running satellite processes classified information.  Now suppose
>> that something makes its kernel panic.  My understanding is that when
>> the core is dumped, including whatever possibly sensitive information
>> is in memory at the time, it becomes readable to anyone who can snarf
>> the coredump file and apply kernel debugging tools to it.  This would
>> be bad.  The easiest way I can think of to stop this would be to stop
>> the kernel from dumping core.
>
> Uhm, you have to have a key in memory to read the data or in some register
> and a decryption device. Say your device kernel panics. The network
> stack will go away, correct? And then you won't have to worry? I assume
> that the issue of physical security is not a big issue, correct? Not
> too many people doing space walks or are there? ;-) Or, is there
> an adversary with a robotic arm somehwere?

Theoretically, yes--there's no worry.  In practice, I'm PAID to worry.

> Perhaps you could use SPARK/ADA and develop a fully verified correct
> system that has full a <-> b relationship where b is always a secure
> state and a is your functionality set, and not a -> b, such that you
> implied. SPARK has a full system verification process and a built in
> prover using Prolog to aid in verification based upon annotations and
> architectural limitations that you provide.

Now THAT is a potentially fabulous idea.  I need to work up a proposal
for that.  Thanks!!


> On Mon, Dec 20, 2010 at 09:02:01AM -0800, Nicole Carlson wrote:
>>
>> Trust me--it is DEAD SEXY.  If I could give y'all a talk on it, I
>> would.  (Actually, I'm in Davis on 1/12, if you guys want me.)
>
> Ooh, our January meeting (our 12th anniversary, too!) is on the 17th.
> Of course, if you're in Davis and want to have a little informal
> gathering somewhere to talk about this, then by all means...!

Actually, I might be around then, too.  You guys have a speaker
planned?  Well.  Before I get ahead of myself, let me see if I can get
the idea cleared by the Corporate People In Charge Of Clearing Talks.

--n

-- 
http://ellipticcurve.livejournal.com
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.