(no title)
nullrouted | 10 years ago
The thing I guess I would say bothers me about your post is you just say well, if a person gets access to a machine it is basically all over which isn't necessarily the case. Even if they get root access we don't want to make it easy, right? That's why we encrypt databases or in certain cases storage at rest so even if the hacker has root access it is sure going to be hard.
1Password can never absolutely protect against an attack when an attacker has root. But they can make it harder than just dumping out lo0. Level of effort does account for something.
kentonv | 10 years ago
That would be a serious security flaw in that program. Some program could also change the permissions on /dev/mem (or really any other device), with similarly disastrous results.
You can't expect 1password to defend you against other programs disabling the security of your operating system.
> if a person gets access to a machine it is basically all over which isn't necessarily the case.
Root access with ability to run sophisticated arbitrary code is game over, period.
Things that we should actually try to defend against (somewhat) include:
- A human briefly sitting down at your machine while you go to the bathroom. (E.g. Chrome's UI that allows you to display back your saved passwords in cleartext with no challenge is a legitimate security flaw, IMO.)
- Someone physically stealing your machine and then trying to dump the disk.
- Malicious software running without privileges.
However, malicious software running as root is game over. Sorry, it is. Trying to make it hard for such software to do bad things is simply not feasible; there are far too many avenues of attack.
> That's why we encrypt databases or in certain cases storage at rest
No, we encrypt data at rest to defend against physical theft of the storage medium, not to defend against live running processes that have root privileges.
If a malicious process has root, your encryption is meaningless. The key is in memory somewhere. The attacker doesn't really need to know where. They can dump the entirety of memory, and then cycle through it trying every N bytes as the encryption key and see if it works. This won't take very long!
tangled_zans | 10 years ago