the power of being root, scary movie III

James Wilkinson ubuntu at westexe.demon.co.uk
Thu May 19 22:28:56 UTC 2005


Magnus Therning wrote:
> It would still be possible for the root/admin to perform some tricks to
> read your data while it's in RAM... but at some point you have to start
> trusting your administrator :-)

Ultimately, with current hardware, if you can modify the kernel you can
change it to do whatever you want. (This is one reason why kernel
hackers dislike binary modules: they do change the kernel, and a bug in
the binary module can easily modify random other parts of the kernel).

This is precisely why Microsoft and others have been investigating
so-called "trusted computing": it has hardware support for a part of
memory that the OS can't modify, and can ensure that the system hasn't
been modified rom a known state. See
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html for further details.

James.

-- 
E-mail address: james | The Inquirer was set up by Mike Magee (ticker: DODGY),
@westexe.demon.co.uk  | who co-founded well-known IT site The Register seven
                      | years ago after countless years editing and managing
                      | all manner of things which could be Aardvark Today and
                      | Fish Farming Monthly but weren't. -- The Inquirer




More information about the ubuntu-users mailing list