Re: [Openhive-discuss] Nomad

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Sun, Jan 16, 2005 at 07:23:11AM -0800, Cliff White wrote:
> Also, many of your ideas seem to be protection against people who have 
> physical access to the box ( encrypted filesystems, boot-time stuff etc. ) 
> How likely is this to be an issue, with a Web-provided service?
> And if a Bad Person has physical access, won't they just steal the
> box, thus doing a DOS? 
> 
> Remember, these admins are all going to be volunteers.
> Creating a system that does not match their previous experience 
> ( no remote admin? ), _and is difficult to change
> might be great fun, but probably won't get used.
> They'll just stick with Access.

I may turn out that it just won't work, and that's okay too.  I'm just 
trying to think about how it do it if you don't trust physical security.  
It seems that there is less likely to be a secured room somewhere that 
holds the DB server.  Besides, it's easy to pick locks.

All the DoS stuff, though, is quite a concern.  It's easy to DoS this 
system.  The only way I can think of to avoid a DoS tends to be to NOT 
use a 1 server/multiple clients solution.  To avoid DoS, all clients 
need to know the data.

Maybe each client should be a Nomad?  Make software updates much more 
difficult.  But it avoids DoS.  Peer-to-peer hardened data security.

BTW, this is bascially Digital Rights Management.  Only we're trying to 
do it with personal information instead of movies.  :)

-- 
Kees Cook                                            @outflux.net