michael.holstein at csuohio.edu
Mon May 15 12:30:49 UTC 2006
> Flash is writable, so can be tampered. The critical secret (the
> server's key) is in the ro part. So what good is it?
There are a variety of hardware devices that attempt to address this ..
IBM's secure crypto cards (PCI) come to mind -- these are used in a
variety of ATMs for example, and store the key in volatile memory,
protected against side-channel and physical attack.
> Really, guys. If it is protection against governments you want, you
> are barking up the wrong tree. Too difficult.
It's fun to try though, and since I'm not doing anything illegal with
TOR, I'm only trying to help save other people's bacon.
While you'll never make anything *impossible*, you can make it so bloody
difficult and expensive that you'll can tire your advisory.
Remember, the price of freedom is eternal vigilance (Jefferson).
More information about the tor-talk