![[Chaos CD]](../../images/chaoscd.jpg) |
| ![[Gescannte Version]](../../images/scan.jpg) |
![[ -- ]](../../images/prev.jpg) |
![[ ++ ]](../../images/next.jpg) |
![[Suchen]](../../images/search.jpg) |
|
| |
|
|
|
Intel plans for world dominationGood afternoon gentlemen, I've been reading the correspondence on the possibility of govt keystroke access with some interest. I'm in a slightly odd position as I'm responsible for security in one of the larger wintel companies. As such I've been getting quite a feeling of deja vu reading your mails. Intel and others are moving in exactly this direction with a number of initiatives, most notably the PC98, PCXX, and "Wired For Management". WfM in particular is very scary - one of the components is a facility for PC's to download and run digitally signed software before the OS is booted - between "the end of BIOS initialisation and when control is transferred to a high-level OS" in the words of one Intel document. The code is verified by routines embedded in the BIOS and will allegedly use some subset of X.509v3 and PKCS#1. As so often happens in circumstances like this I can't risk passing documents directly as I can't be sure of their provenance - I really have no idea which ones are now considered trade secrets and which have been made public. Instead I recommend you have a look at the Intel WfM site http://www.intel.com/ial/wfm/ with particular reference to the "Pre-Boot Execution Environment" (PXE) and "System Management BIOS" SMBIOS). The Microsoft pc98 site is at http://www.microsoft.com/hwdev/pc98.htm and the Intel one at http://developer.intel.com/design/pc98/
And, DM reminds of the DIRT program Ray Arachelian first posted here: There's an article on page 37 of the July 6, 1998 issue of NetworkWorld about a new software product for Windows machines that is basically a trojan horse that allows access to all keystrokes and files on a system from a remote "America's Most Wanted"-type HQ. I can't find the article online at KRAP is at it in the IETF It has come to my attention that the KRAP (key recovery alliance program) has submitted an I-D (internet draft) to the IETF for adding GAK (government access to keys) to the IPSEC protocols: ftp://ftp.ietf.org/internet-drafts/draft-rfced-exp-markham-00.txt ISAKMP Key Recovery Extensions
7. AUTHOR INFORMATION Tom Markham Secure Computing Corp 2675 Long Lake Road Roseville, MN 55113 USA Phone: 651.628.2754, Fax: 651.628.2701 EMail: tom_markham@securecomputing.com I consider this a perversion of the standards process of the IETF to advance a political agenda which must be stopped at all cost. Below are the e-mail addresses of some people that you should write (politely) expressing your objections to any such additions to the protocols: IPSEC Chairs:
Theodore Ts'o
Robert Moskowitz Security Area Directors:
Jeffrey Schiller As I mentioned before, be polite. These people are not the ones proposing GAK be added to the IPSEC protocols. They have put a lot of time and effort in forwarding the cause for strong encryption. They should be made aware of the communities objections to these attempts by KRAP.
"William H. Geiger III"
|
[Datenschleuder]
[64]
Intel plans for world domination