Re: [Fed-Talk] Malware targeting ActivIdentity smart cards
- Subject: Re: [Fed-Talk] Malware targeting ActivIdentity smart cards
- From: "Miller, Timothy J." <email@hidden>
- Date: Fri, 13 Jan 2012 21:18:37 +0000
- Thread-topic: [Fed-Talk] Malware targeting ActivIdentity smart cards
The described attack is also known as a "subverted terminal attack" and is
a general attack against *all* smartcard systems (including stored value
cards as well as cryptoprocessor cards). Attacks of this type have been
described in open literature since at least 1996.
-- T
On 1/13/12 2:49 PM, "David Emery" <email@hidden> wrote:
>All true... But I think there's a different "sense of trust" between
>getting all of your IA/security stuff built into the OS, versus having to
>obtain and install some 3rd party package (even if you download it from a
>.mil site.) Note both Windows and Macs have this problem; I have to run
>Thursby PKard to get my CAC to work (and that package has given me some
>non-IA problems with potential for finger-pointing between Thursby and
>Apple, because the Thursby software causes an Apple process to crash.)
>
> dave
>
>On Jan 13, 2012, at 3:43 PM, William Cerniuk wrote:
>
>> It might be argued that any input to a computer is a point of
>>vulnerability.
>>
>> How easy is it to design a wedge driver for USB or Bluetooth?
>>Essentially capture everything in the flow in from the analog world to
>>the digital world. It does not matter how NIST certified your crypto is
>>on that hard drive or that CAC/PIV card; as long as the interface to the
>>device does not have a direct connection to the encrypted device, it is
>>an easy point of attack.
>>
>> The only way a PIV or a CAC card can be secure from electronic data
>>capture at PIN entry is to have a membrane keypad on the CAC/PIV card
>>itself. But... then it could be argued that an RF monitor embedded below
>>the desk surface, sufficiently close to the PIV card, could pick up the
>>RF leakage and determine the codes based on keypad voltage variations
>>and the resulting RF output from key presses.
>>
>> The most secure system is a system that is not used... which frequently
>>is the result of attempts at risk elimination vs mitigation ;-)
>>
>> Best,
>> Wm.
>>
>>
>> On Jan 13, 2012, at 15:11, David Emery <email@hidden> wrote:
>>
>>> Independent of the problems Windows has with vulnerabilities, this
>>>highlights the problems in depending on a 3rd-party add-on as an
>>>element of what should be your Trusted Computing Base!
>>>
>>>> ...
>>>>> With ActivIdentity as the target, the attacks are clearly aimed at
>>>>>U.S. defense departments, the Times added. But it's as yet unknown
>>>>>what information the hackers have so far been able to capture.
>>>
>>>
>>> dave
>>> -----
>>> David Emery, 703 298 3473 (c) 703 272 7496 (fax)
>>> Supporting PdM Software Integration
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Fed-talk mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>
>-----
>David Emery, 703 298 3473 (c) 703 272 7496 (fax)
>Supporting PdM Software Integration