Slashdot Mirror


IBM Running Linux On Secure Hardware

Schmad writes: "IBM announced at LinuxWorld today that IBM Research and Cryptographic Appliances have Linux running on FIPS 140 Level 4 hardware. Imagine, Linux running in a totally secure environment! Peter Gutmann, father of the crypto toolkit cryptlib, has some things to say about it here."

6 of 143 comments

  1. Re:Secure Environment by David+Price · · Score: 3, Informative
    I believe that, upon intrusion detection, the IBM card zeroizes all its RAM in a secure and non-recoverable fashion. The idea is that you can generate your crypto keys and keep them on the card, never exposing them anywhere outside its secure perimeter. This means that if an attacker gains physical access to your server (by breaking into the machine room or somesuch), even that level of access will be insufficient to recover the key material.


    This level of paranoia is appropriate for organizations for whom Crypto is Life (think CAs, credit card companies, banks, big e-commerce houses, etc.)

  2. Re:Secure Environment by Shortwave · · Score: 2, Informative

    During the situation with the US Navy EP-3 on Hainan Island, CNN interviewed a gentleman (think he was NSA or some agency, not sure) who demonstrated some of the boxes on board the plane. Just removing a screw causes the box to zap the firmware inside and you're just left with an anchor - useless silicon with nothing on it.

    I like the Superman III scenario personally. For some reason that scared the crud out of me when I saw it in the theater. I was about 7 then. Didn't look at my C64 for a week :-)

  3. Re:uh.. just one question.. by Anonymous Coward · · Score: 1, Informative
    http://csrc.nist.gov/publications/fips/fips1401.htm Check the facts before you mouth off. I quote:
    "Security Level 4 provides the highest level of security. Although most existing products do not meet this level of security, some products are commercially available which meet many of the Level 4 requirements. Level 4 physical security provides an envelope of protection around the cryptographic module. Whereas the tamper detection circuits of lower level modules may be bypassed, the intent of Level 4 protection is to detect a penetration of the device from any direction. For example, if one attempts to cut through the enclosure of the cryptographic module, the attempt should be detected and all critical security parameters should be zeroized. Level 4 devices are particularly useful for operation in a physically unprotected environment where an intruder could possibly tamper with the device."
    These puppies self-destruct (zero out) if they're tampered with. They even had problems sending them by plane - they self-destructed because of the cabin pressure differences! Great for PKI - and that can PROTECT privacy, not harm it. Banks love them - 'cept the cost.

    t00t TooT

  4. We use these at work by landtuna · · Score: 2, Informative

    We use IBM 4758s at work. They're a huge pain to deal with - we've had a bunch spontaneously die. Apparently the earlier boards were more sensitive to pressure and things like that, and they just gave up on life as a result.

    The difficult thing about programming these boards is all the states they go through in the lifecycle of getting code securely loaded. There are a million different utility scripts to change the state of code trust.

    I'm curious to see how linux handles all this secure code loading stuff. Let's hope it's easier.

    (Not that I'm disparaging these boards. What they do is really amazing, as far as they can assure you that your secrets inside will never get out and the code that you have running there is your code.)

    1. Re:We use these at work by John+Harrison · · Score: 2, Informative
      They're a huge pain to deal with - we've had a bunch spontaneously die. Apparently the earlier boards were more sensitive to pressure and things like that, and they just gave up on life as a result.

      Here is my understanding of the situation. The internals of the 4758 are wrapped in paper that has a grid of conducting ink inside it. If any change in the conductivity of the ink is detected the 4758 is zeroed. So if someone manages to stick a logic probe through the epoxy that seals the box, piercing the paper will zero the memory.

      The supplier of this wrapper initially used ink that was past the expiration date. It degraded after manufacture and the boards detected this as an intrusion attempt. This has been fixed now.

      Shipping the boards is also a pain. I think they are made in Italy and the changes that occur in temperature and pressure while they are in transit used to cause them to zero.

  5. Re:Mirror- build your own by Lumpy · · Score: 3, Informative

    Sounds like a simple PC locked in a safe surrounded by Plastic explosive would be a cheaper option...

    It's funny, they spend billions to make a "secure" hardware platform while you only have to spend a few million and common knowledge to make a generic platform secure. -- Put the PC where no-one can get to it, inside a faraday cage, and shoot anyone that comes near it.

    pretty darn simple to get a secure computer.

    --
    Do not look at laser with remaining good eye.