<R0b0t1>
DocScrutinizer05: I found out OMAP3430 supports TrustZone. Ergo, the one in use on the neo900 ostensibly should.
<R0b0t1>
like you probably don't care but I just remembered about that
<R0b0t1>
so uh yeah
ShadowJK has quit [Ping timeout: 256 seconds]
vakkov has joined #neo900
<ZetaR>
R0b0t1: TrustZone has to do with HW virtualization/sandboxing?
<R0b0t1>
coincidentally...
<R0b0t1>
basically you can set areas of memory which can't be accessed or can be conditionally accessed. the hardware also keeps track of a privileged domain.
<ZetaR>
That is cool. Are you thinking of a specific use case for the Neo900?
<R0b0t1>
I need to see how the device tree and hardware fit into that, but it should work
<R0b0t1>
or at least the main interactible OS being virtualized
<R0b0t1>
it's neat stuff. thought I had a good idea, and I guess I did, because somebody already did it :p
<ZetaR>
According to Wikipedia, TrustZone only is two virtual processors? You could put things into a secure and insecure group, but not break it down per application like Qubes-OS.
<R0b0t1>
Well... it is one hardware enforced boundary. This is enough to guarantee that the privileged domain can't be overtaken as say, older PCIe busses were susceptible
<ZetaR>
Still a great improvement though.
<R0b0t1>
from that the OS can enforce additional boundaries with some ease
<R0b0t1>
well
<R0b0t1>
yeah
<R0b0t1>
phone progress is slow in all meaningful metrics except graphics performance ._.
<R0b0t1>
you could also timeshare the guests, but meh
<ZetaR>
I have worked on isolation like that to some degree for my personal devices. The problem I always found was that the applications accessing the Internet had most of the data I wanted to keep secure.
<R0b0t1>
Well... in those instances what's most important that you try to store the bulk of the data separately and work in sessions
<R0b0t1>
but yeah
<R0b0t1>
I'd noticed that too
<ZetaR>
I'm actually sort of working on an isolation problem now... I want to have a network fileserver, but I don't want it to have access to my files. I am trying to figure out the best way to have a shared encrypted filesystem.
<ZetaR>
I think though that isolation offers a great improvement when you focus on the part with the highest attack surface: the browser. Then e.g. your email (which is probably the bulk of sensitive information) can use a lower attack-surface via a MUA, and thus have partial protection against remote attacks.
<R0b0t1>
You can sync encypted blobs to it. That's basically the best you can do. I'm not sure why you'd not want it to have access to your data, though (unless you don't control it I guess).
<R0b0t1>
and mhm biggest issue is definitely the browser
<R0b0t1>
it's just like
<R0b0t1>
permission separation has been recreated at all levels
<R0b0t1>
like, you have webbrowsers reimplmenting the concept of users and processes
<R0b0t1>
(poorly)
<ZetaR>
I am trying to reduce the number of trusted devices in my network. Also, the router would have the shared storage.
<R0b0t1>
The best solution I know of would be to have a file host that is only that with encrypted storage. All of the devices which might be attacked need not permanently store all data, and the attack surface of NFS or Samba is pretty small comparatively.
<R0b0t1>
as for reducing the number of trusted devices, hmm. I'm not sure.
<ZetaR>
(browsers) IMO this is to a great degree a problem caused by monolithic design. A browser is too complex to be one giant program... it needs to be broken up into semi-independent sub-modules/programs.
<R0b0t1>
I've no idea if not trusting the file server is worth the hassle. There's certain cases where it could be, but idk if those conditions preclude things like having a fileserver anyway
<R0b0t1>
(browsers) yeah there's a few projects in that direction, they mostly have working ecosystems. kind of.
<R0b0t1>
still neckbeard territory :p
<ZetaR>
If you have full-disk encryption and good security on each end-user device, then the network fileserver starts to look like a giant hole in your protection.
<ZetaR>
Reminds me; I still have to set up LUKS on my N900.
<R0b0t1>
ZetaR: yes, but if the fileserver uses key authentication, say, what is the fuss?
<R0b0t1>
if you desire some kind of centralization you'll have to compromise somewhere
<R0b0t1>
personally I'm just waiting for the day I can carry around all my data on my person :^)
<ZetaR>
R0b0t1: Its basically just for persistent multi-user/device files in a home network. I guess it isn't a big deal, but I did had a neighbor walk into my house and steal devices off my desk once. Or it might just be metaphorical tin-foil to keep out the mind-control rays. :P
<R0b0t1>
well no it makes sense
<R0b0t1>
I do something similar, but only way I've found that's reasonable is occasionally checking in encrypted backups
<R0b0t1>
:\
<R0b0t1>
kind of unwieldy
<ZetaR>
Well, I have found two good(ish) solutions: doing NFS/Samba with EncFS or eCryptFS over it, which encrypts files sort of individually; or implementing a network block device with a more common solution layered on top (e.g. LUKS). The former is convenient and easy, but was not written by cryptographers and so it has some major flaws. The latter is a bit harder and has inconveniences, but would allow a much stronger encryption layer.
<ZetaR>
This is all pretty OT, though, so I shouldn't go into much detail here.
<ZetaR>
Also, I should probably go to bed, considering it is about 3am here.
<ZetaR>
Time for sleep, goodnight. ;-)
Oksana has quit [Ping timeout: 246 seconds]
Oksana has joined #neo900
Pali has joined #neo900
<R0b0t1>
wut
<R0b0t1>
oh yeah have a good one ZetaR
<R0b0t1>
DocScrutinizer05: How will neo900 boot? Do you know? Will you have access to bootloader signing keys?
<R0b0t1>
I would expect you to
<chainsawbike>
R0b0t1, i fullly expect that the bootloader will not be locked ( no keys needed )
sparetire_ has quit [Quit: sparetire_]
<R0b0t1>
amazin
<x29a>
i just received my TOHKBD, im not very happy with it
<x29a>
but that guy seems to have sourced a lot of N900 for the keyboards, maybe he has some spare housings?
<R0b0t1>
chainsawbike: wait do you know if end-users could sigh it
<chainsawbike>
R0b0t1, unless i have been incorrectly informed, it does not need singed at all
<R0b0t1>
that may be truej
<R0b0t1>
I'd like to know if, based on the logistics of how all of that works that you may have read about, if it *can* be signed
<R0b0t1>
there is value in it
<chainsawbike>
i see little value in setting up a secure boot system - if they are in far enough to re-flash your bootloader you need to do a full re-install anyway
<R0b0t1>
evil maid can be done in the time you leave your phone on the table and go to the restroom :\
<R0b0t1>
and you might not know it happened, which is the bigger issue
<R0b0t1>
not necessarily stopping them
paulk-aldrin has joined #neo900
<chainsawbike>
unless you setup a system where *every executable* on your device is signed and checked before execution getting the bootloader signed, in my view will achieve very little.
<R0b0t1>
nah
<chainsawbike>
and due the the nature of this device, being intended as a hackable device you will need your own key, as if it is shared everyone can use it to sign anything , which means you the user will need to sign everything yourself before you can install it
<chainsawbike>
and if you loose said key the device is useless
<R0b0t1>
true, but that's intentional
<DocScrutinizer05>
Neo900 is designed to have aprotection against "evil maid" attack
<DocScrutinizer05>
you can set SYS_BOOT flags in a way so there's no way to boot from external $whatever as long as your NAND bootloader works
<DocScrutinizer05>
and it takes complete device dis-assembly to change that SYS-BOOT
<DocScrutinizer05>
the paranoid ones can drill a hole into PCB and make it virtually impossible to set SYS_BOOT to external boot
arossdotme has quit [Ping timeout: 256 seconds]
ravelo has quit [Ping timeout: 246 seconds]
arossdotme has joined #neo900
arossdotme has quit [Ping timeout: 256 seconds]
arossdotme has joined #neo900
panais has joined #neo900
lexik has quit [Read error: Connection reset by peer]
<DocScrutinizer05>
kesselvillage is close to neo village, very convenient
<DocScrutinizer05>
I got paper dishes for you :-)
<paulk-aldrin>
really? how nice!
<DocScrutinizer05>
ideally you first register at wiki, so you can reference to your wiki nick User:paulk (or whatever), for village feel free to use Neo
<DocScrutinizer05>
on that food preorder list
<paulk-aldrin>
great, thanks
<DocScrutinizer05>
yw. my pleasure
<paulk-aldrin>
long story short, I'm coming with a (french) friend and we'll probably share the same tent -- we haven't yet decided which village to be part of, but it looks like a worthwhile decision to make beforehand. He has been invited to another village (more or less), too.
<DocScrutinizer05>
no problem
<paulk-aldrin>
I'll try to let you know soon :)
<paulk-aldrin>
Either way, I'm really looking forward to chatting with you a bit!
dal2 has quit [Ping timeout: 244 seconds]
<eEnd_>
huh
<eEnd_>
there's a neo village
<eEnd_>
nice2know
dal has joined #neo900
sparetire_ has joined #neo900
louisdk has quit [Ping timeout: 264 seconds]
louisdk has joined #neo900
louisdk has quit [Ping timeout: 252 seconds]
louisdk has joined #neo900
louisdk has quit [Ping timeout: 244 seconds]
vakkov has quit [Ping timeout: 244 seconds]
paulk-aldrin has quit [Quit: Quitte]
infobot has quit [Ping timeout: 244 seconds]
arossdotme has quit [Ping timeout: 256 seconds]
arossdotme has joined #neo900
louisdk has joined #neo900
louisdk has quit [Ping timeout: 244 seconds]
louisdk has joined #neo900
louisdk has quit [Read error: Connection reset by peer]