Home > Information Security Magazine > Columns > Ping
EMAIL THIS LICENSING & REPRINTS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

Ping
by Dennis Fisher
Issue: Sep 2007
printer-friendly
licensing & reprints

In an industry where most people have narrowly focused specialties, Nate Lawson is the equivalent of a Swiss Army knife. He was the lead designer of RealSecure, the first commercial IDS, designed the BD+ DRM scheme for Blu-ray, and has dabbled in hardware security. Now running his own consultancy, Root Labs, Lawson is putting his skills to work to embed security into devices.

Nate Lawson

Devices like the iPhone have full computing capabilities, but security seems to be a challenge. Do you expect to see more devices with embedded security?
Yes, I think embedded security is a growing segment that is underserved by security firms. As software becomes the most valuable asset on a device, even vendors of cell phones, MP3 players and game consoles are adding protection. The number of devices that could benefit from signed code updates is staggering. Your PC has numerous devices that are flash-updatable, and none of them use digital signatures. There is no protection against bricking the device or installing a rootkit that survives a full OS reinstall. The possibility of making mistakes in even simple code like RSA signature validation is quite high, so it's important to get your design reviewed.

With all of the news lately about people finding ways to circumvent AACS and various other DRM schemes, what do you think is the long-term viability of DRM?
If you look back five years, you see lots of fears that there would be unbreakable DRM. Now there's more of an aura that all DRM is doomed. While AACS and BD+ anticipated periodic breaks, the important difference is our update window is every disc and theirs is three months. A given instance of DRM is always breakable, but our opinion was if you design a system that allows frequent updates and puts the cost of security in the hands of those who have the risk, you'll have a system where each disc remains secure for the key release window.

Why were you so skeptical about the claims by Joanna Rutkowska and others that they can create an undetectable hypervisor rootkit?
Rootkits are impossible to make completely stealthy. It's a function of the cross section of the machine. A normal rootkit has to emulate certain subsections of the OS, and there are ways to find them because of that. Hypervisor rootkits have to allow the OS to interact with every piece of hardware and software. So many things have to be emulated. Joanna is trying to patch all of those problems. The question is, can you set up the chess pieces ahead of time to have an advantage? The problem she chose to solve was to emulate the x86 PC platform perfectly, so it was easy for us to take the other side, as bug-free software is impossible.


Download the complete interview with Nate Lawson at searchsecurity.com.





TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts