February 23, 2008

Frozen Bits

An article in today's NY Times makes clear just how fragile our information security can be.

But they said they had proved that so-called Trusted Computing hardware, an industry standard approach that has been heralded as significantly increasing the security of modern personal computers, does not appear to stop the potential attacks.

A number of computer security experts said the research results were an indication that assertions of robust computer security should be regarded with caution.

“This is just another example of how things aren’t quite what they seem when people tell you things are secure,” said Peter Neumann, a security researcher at SRI International in Menlo Park, Calif.

Kip does not know exactly what the implications for this on, for instanced, a zeroed out FBCB2, but it should certainly give pause to anyone (like Kip was often forced to do by his job in Afghanistan) who regularly travels with a classified laptop. It seems, for the cost of an air can, to give insurgents who are able to net a computer from an attack, a (still remote, but higher) possibility of stealing classified data.