In an industry where most people have narrowly focused specialties, Nate Lawson is the equivalent of a Swiss Army knife. He was the lead designer of RealSecure, the first commercial IDS, designed the BD+ DRM scheme for Blu-ray, and has dabbled in hardware security. Now running his own consultancy, Root Labs, Lawson is putting his skills to work to embed security into devices.
Devices like the iPhone have full computing capabilities, but security seems to be a challenge. Do you expect to see more devices with embedded security?
Yes, I think embedded security is a growing segment that is underserved by security firms. As software becomes the most valuable asset on a device, even vendors of cell phones, MP3 players and game consoles are adding protection. The number of devices that could benefit from signed code updates is staggering. Your PC has numerous devices that are flash-updatable, and none of them use digital signatures. There is no protection against bricking the device or installing a rootkit that survives a full OS reinstall. The possibility of making mistakes in even simple code like RSA signature validation is quite high, so it's important to get your design reviewed.
With all of the news lately about people finding ways to circumvent AACS and various other DRM schemes, what do you think is the long-term viability of DRM?
If you look back five years, you see lots of fears that there would be unbreakable DRM. Now there's more of an aura that all DRM is doomed. While AACS and BD+ anticipated periodic breaks, the important difference is our update window is every disc and theirs is three months. A given instance of DRM is always breakable, but our opinion was if you design a system that allows frequent updates and puts the cost of security in the hands of those who have the risk, you'll have a system where each disc remains secure for the key release window.
Why were you so skeptical about the claims by Joanna Rutkowska and others that they can create an undetectable hypervisor rootkit?
Rootkits are impossible to make completely stealthy. It's a function of the cross section of the machine. A normal rootkit has to emulate certain subsections of the OS, and there are ways to find them because of that. Hypervisor rootkits have to allow the OS to interact with every piece of hardware and software. So many things have to be emulated. Joanna is trying to patch all of those problems. The question is, can you set up the chess pieces ahead of time to have an advantage? The problem she chose to solve was to emulate the x86 PC platform perfectly, so it was easy for us to take the other side, as bug-free software is impossible.
Download the complete interview with Nate Lawson at searchsecurity.com.