IBM Running Linux On Secure Hardware

Schmad writes: "IBM announced at LinuxWorld today that IBM Research and Cryptographic Appliances have Linux running on FIPS 140 Level 4 hardware. Imagine, Linux running in a totally secure environment! Peter Gutmann, father of the crypto toolkit cryptlib, has some things to say about it here."

Re:Secure Environment

[David+Price]

I believe that, upon intrusion detection, the IBM card zeroizes all its RAM in a secure and non-recoverable fashion. The idea is that you can generate your crypto keys and keep them on the card, never exposing them anywhere outside its secure perimeter. This means that if an attacker gains physical access to your server (by breaking into the machine room or somesuch), even that level of access will be insufficient to recover the key material.

This level of paranoia is appropriate for organizations for whom Crypto is Life (think CAs, credit card companies, banks, big e-commerce houses, etc.)

Re:Secure Environment

[Shortwave]

During the situation with the US Navy EP-3 on Hainan Island, CNN interviewed a gentleman (think he was NSA or some agency, not sure) who demonstrated some of the boxes on board the plane. Just removing a screw causes the box to zap to firmware inside and you're just left with an anchor - useless silicon with nothing on it.

I like the Superman III scenario personally. For some reason that scared the crud out of me when I saw it in the theater. I was about 7 then. Didn't look at my C64 for a week :-)

We use these at work

[landtuna]

We use IBM 4758s at work. They're a huge pain to deal with - we've had a bunch spontaneously die. Apparently the earlier boards were more sensitive to pressure and things like that, and they just gave up on life as a result.

The difficult thing about programming these boards is all the states they go through in the lifecycle of getting code securely loaded. There are a million different utility scripts to change the state of code trust.

I'm curious to see how linux handles all this secure code loading stuff. Let's hope it's easier.

(Not that I'm disparaging these boards. What they do is really amazing, as far as they can assure you that your secrets inside will never get out and the code that you have running there is your code.)

Re:We use these at work

[John+Harrison]

They're a huge pain to deal with - we've had a bunch spontaneously die. Apparently the earlier boards were more sensitive to pressure and things like that, and they just gave up on life as a result.

Here is my understanding of the situation. The internals of the 4758 are wrapped in paper that has a grid of conduting ink inside it. If any change in the conductivity of the ink is detected the 4758 is zeroed. So if someone manages to stick a logic probe thorugh the epoxy that seals the box, piercing the paper will zero the memory.

The supplier of this wrapper intially used ink that was past the expiration date. It degraded after manufacture and the boards detected this as an intrusion attempt. This has been fixed now.

Shipping the boards is also a pain. I think they are made in Italy and the changes that occur in temperature and pressure while they are in transit used to cause them to zero.

Re:Mirror- build your own

[Lumpy]

Sounds like a simple PC locked in a safe surrounded by Plastic explosive would be a cheaper option...

It's funny, they spend billions to make a "secure" hardware platform while you only have to spend a few million and common knowlege to make a generic platform secure. -- Put the PC where no-one can get to it, inside a faraday cage, and shoot anyone that comes near it.

pretty darn simple to get a secure computer.