gpg in a cybercafé

Jean-David Beyer jeandavid8 at verizon.net
Sat Mar 7 20:38:30 CET 2015 

On 03/06/2015 05:05 AM, Werner Koch wrote:
> On Fri,  6 Mar 2015 09:12, htd+ml at fritha.org said:
> 
>> In case you're allowed to boot from an external medium, this still won't be
>> secure. Because you have no control over the hardware built into the computer,
> 
> Does not even need to be hardware: A (remotely) modified firmware might
> first boot you into a virtual machine and only then boot the OS from
> disk or USB.
> 
> 
I built a virtual machine once.

I had a computer with no memory management hardware. And I had a FORTRAN
compiler for it that worked pretty well, but if I wrote too many
EQUIVALENCE statements, the computer crashed. A FORTRAN compiler is
pretty big and inspecting all its code was out of the question.

I wrote a program for a virtual machine that had all the same
instructions as the real hardware did, so that was trivial: took less
than a day to write it. But it had a little extra feature: memory
management. The virtual machine ran as its input, the binary
instructions of the programs that would normally run on the real
machine. Like the OS, the compilers, etc. The easiest way to tell if the
real machine was running or the virtual machine was that the virtual
machine ran about 20x slower.

I loaded the virtual machine and started it up. Then I invoked the
FORTRAN compiler and presented it with a program with a lot of
EQUIVALENCE statements, and saw that it was over-writing the interrupt
vectors at the bottom of RAM, and further, what the offending
instruction was. The original compiler had a bug were an index register
needed to be specified, and it was omitted. Pretty simple.

Now a black hat could easily put any old virtual machine on that
machine, so doing nasty things would have been pretty easy. I suppose it
is a little more difficult at a cyber cafe or public library. But not if
I owned the cafe or worked in the library.

-- 
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key:166D840A 0C610C8B Registered Machine  1935521.
 /( )\ Shrewsbury, New Jersey    http://linuxcounter.net
 ^^-^^ 14:25:01 up 6 days, 22:33, 2 users, load average: 4.02, 4.07, 4.11

More information about the Gnupg-users mailing list