Re: OT: Smartcards and Physical Security [Was: Re: Backport of the integer overflow in the brk system call]
On Tue, Dec 02, 2003 at 05:34:05PM -0800, Don Armstrong wrote:
> On Tue, 02 Dec 2003, Tom wrote:
> > I think the DD's should seriously think about requiring smartcards.
> > It would have prevented the proxmiate cause of our recent troubles.
> Smartcards are not a magical panacea either. The problems associated
No, they're not. Security is all about layers of defense.
> with them aren't too terribly different from those associated with
> keys or other forms of physical security, notably, that they can be
> stolen, or the output from them duplicated. Refer to the ongoing saga
> between DirectTV and satelite pirates for a trivially applicable
Yes but the attacker did not "steal" the DD's computer. He rooted it
remotely. It is true that a shitty smartcard which is only dumb storage
for a private key is no better than storing your keys on an USB keyring.
Good smartcards never transfer the key off the card. The smart card can
be compromised itself true. Repeat: Security is about layers of
defense. Multiple things have to be compromised.
> From my perspective, Smartcards do little to raise the bar. They
> merely move the bar sideways.
You're wrong. They're better.