
This article can also be found in the Premium Editorial Download "Information Security magazine: How to dig out rootkits."


In an industry where most people have narrowly focused specialties, Nate Lawson is the equivalent of a Swiss Army knife. He was the lead designer of RealSecure, the first commercial IDS, designed the BD+ DRM scheme for Blu-ray, and has dabbled in hardware security. Now running his own consultancy, Root Labs, Lawson is putting his skills to work to embed security into devices.

Nate Lawson

Devices like the iPhone have full computing capabilities, but security seems to be a challenge. Do you expect to see more devices with embedded security?
Yes, I think embedded security is a growing segment that is underserved by security firms. As software becomes the most valuable asset on a device, even vendors of cell phones, MP3 players and game consoles are adding protection. The number of devices that could benefit from signed code updates is staggering. Your PC has numerous devices that are flash-updatable, and none of them use digital signatures. There is no protection against bricking the device or installing a rootkit that survives a full OS reinstall. The possibility of making mistakes in even simple code like RSA signature validation is quite high, so it's important to get your design reviewed.

With all of the news lately about people finding ways to circumvent AACS and various other DRM schemes, what do you think is the long-term viability of DRM?
If you look back five years, you see lots of fears that there would be unbreakable DRM. Now there's more of an aura that all DRM is doomed. While AACS and BD+ anticipated periodic breaks, the important difference is our update window is every disc and theirs is three months. A given instance of DRM is always breakable, but our opinion was if you design a system that allows frequent updates and puts the cost of security in the hands of those who have the risk, you'll have a system where each disc remains secure for the key release window.

Why were you so skeptical about the claims by Joanna Rutkowska and others that they can create an undetectable hypervisor rootkit?
Rootkits are impossible to make completely stealthy. It's a function of the cross section of the machine. A normal rootkit has to emulate certain subsections of the OS, and there are ways to find them because of that. Hypervisor rootkits have to allow the OS to interact with every piece of hardware and software. So many things have to be emulated. Joanna is trying to patch all of those problems. The question is, can you set up the chess pieces ahead of time to have an advantage? The problem she chose to solve was to emulate the x86 PC platform perfectly, so it was easy for us to take the other side, as bug-free software is impossible.
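The first answer above points at two concrete engineering gaps: flash-updatable devices that accept unsigned images, and hand-written RSA signature validation that gets the padding check wrong. The following is an added example, not code from the interview, from Root Labs, or from any product, showing what a minimal signed-update check on a device looks like. The update container format (magic, version, length, payload, trailing signature), the toy RSA key generation and the constructed payload are all assumptions made for the example; it uses only the Python standard library (3.8 or later). The verifier deliberately re-encodes the expected PKCS#1 v1.5 block and compares the whole thing, rather than parsing padding out of the recovered block, because that is the structure that avoids the common validation mistakes, and it verifies the signature before trusting the version field used for rollback protection.

```python
"""Signed firmware-update check with rollback protection (added example).

Not the interview's or any vendor's code: container format, toy RSA key
generation and sample payload are constructed for illustration. Stdlib only."""
import hashlib
import hmac
import math
import secrets
import struct

MAGIC = b"FWUP"                  # assumed container magic
HEADER_LEN = 4 + 4 + 4           # magic, version (u32), payload length (u32)
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2, note 1)
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


def _is_probable_prime(n, rounds=32):
    """Miller-Rabin; fine for a demo, not a vetted key generator."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def generate_keypair(bits=1024, e=65537):
    """Return ((n, e), (n, d)); toy generator for the example only."""
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p == q or math.gcd(e, phi) != 1 or n.bit_length() != bits:
            continue
        return (n, e), (n, pow(e, -1, phi))


def _emsa_pkcs1_v15(digest, k):
    """EMSA-PKCS1-v1_5 encoding of a SHA-256 digest into k bytes."""
    t = SHA256_DIGESTINFO + digest
    if k < len(t) + 11:
        raise ValueError("modulus too short")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def sign(priv, message):
    n, d = priv
    k = (n.bit_length() + 7) // 8
    em = _emsa_pkcs1_v15(hashlib.sha256(message).digest(), k)
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")


def verify(pub, message, signature):
    """Rebuild the full expected block and compare it byte for byte
    (RFC 8017 section 8.2.2); never parse padding out of the recovered block."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    if len(signature) != k:
        return False
    s = int.from_bytes(signature, "big")
    if s >= n:
        return False
    recovered = pow(s, e, n).to_bytes(k, "big")
    expected = _emsa_pkcs1_v15(hashlib.sha256(message).digest(), k)
    return hmac.compare_digest(recovered, expected)


def build_update(priv, version, payload):
    """Container: header || payload || signature over (header || payload)."""
    body = MAGIC + struct.pack(">II", version, len(payload)) + payload
    return body + sign(priv, body)


def check_update(pub, blob, installed_version):
    """Decide whether the device may flash `blob`; returns a reason string.
    Order: check framing, verify signature over the whole body, and only
    then trust the signed version field for the rollback check."""
    n, _ = pub
    k = (n.bit_length() + 7) // 8
    if len(blob) < HEADER_LEN + k or blob[:4] != MAGIC:
        return "rejected: bad header"
    version, plen = struct.unpack(">II", blob[4:HEADER_LEN])
    if len(blob) != HEADER_LEN + plen + k:
        return "rejected: length mismatch"
    body, sig = blob[:-k], blob[-k:]
    if not verify(pub, body, sig):
        return "rejected: bad signature"
    if version <= installed_version:
        return "rejected: rollback"
    return "accepted"


if __name__ == "__main__":
    pub, priv = generate_keypair()
    blob = build_update(priv, 7, b"constructed firmware image payload")
    print(check_update(pub, blob, 6))   # accepted
    print(check_update(pub, blob, 7))   # rejected: rollback
```

On a real device the public key (or its hash) lives in mask ROM or one-time-programmable fuses, the rollback counter is stored in monotonic hardware, and a vetted library does the RSA arithmetic; the shape of the check, signature over everything the loader will act on and version compared only after the signature passes, is what carries over.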
Download the complete interview with Nate Lawson at searchsecurity.com.

This was first published in September 2007
