Please create an account to participate in the Slashdot moderation system


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Unsigned BIOS replacement is the problem (Score 2, Interesting) 236

You are assuming that the signed code can be trusted, which is a bad assumption. The signed code is from a vendor; how many vendors ship code with broken security; how many vendors would you expect to happily sign code with broken security, in the PC world? Answer: all of them :-)
This development should not be a surprise to anyone, but evidently it is. We've been trying to warn people about this possibilty for 10 years; nobody seemed to care. I am hoping they care more now.
I still feel the only solution to building PC systems you can trust is to turn to open code bases for ALL BIOS code. It's just too easy to hide some very nasty things in a 1 Mbyte binary blob.
BTW, this BIOS exploit is the tip of the iceberg. Check this one out: How can your work around that one? It may be the only way to build machines we can trust is to get ouf of the x86 world entirely.

Comment Re:A few notes from Ron Minnich (Score 5, Informative) 161

We will probably approach MS at some point, if it appears to be necessary, and see if they are interested. I do have friends there who might be interested in what we're doing.
The biggest limit we've found on the VM side is memory footprint of the VM guests, and it's very easy to control that with Linux; harder with Windows. We have some ideas in that area too, but it's way too early to speculate on them.
But from my point of view, it is a lot easier to do this kind of work in Linux than in Windows (I have done NT drivers in a past life), not least because of the openness of the environment. Hence, I'd rather try to find a way to make it all work on Linux.
Consider this work the beginning of the story; it's not even chapter 1, maybe it's the preface. There's a lot of work left to do. There's a lot we still don't know.

Comment A few notes from Ron Minnich (Score 5, Informative) 161

Hi, Ron here. Just thought I would mention a few things.
I love the "life imitates xkcd" aspect. :-)
We're well aware that Wine is not quite enough to run many windows bots. Until a year or so ago, however, there was a researcher in North Carolina running Storm under Wine, but he told me that that effort ended when Storm added a kernel driver. We've got some ideas in that area. We expect that implementing them will cost less than 1 million Vista licenses.
I was surprised to find I have become a cybersecurity expert! What I really am is an HPC expert who is using HPC tools and resources to build a system for studying cybersecurity phenomena on a millions-of-nodes scale.
Doing anything with a million of something gets interesting fast. There's a lot of interesting challenges.

Slashdot Top Deals

On the Internet, nobody knows you're a dog. -- Cartoon caption