Press release with no real info. Not sure how a "PRISM-proof Tor server" even makes sense. People you don't like can still run as many backdoored exit nodes as they want, and it's up to you to properly use crypto so they can't sniff your connection. Tor nodes are supposed to be (assumed to be?) untrustworthy.
totally agree. they seem to claim that their software gives legit dma and compromised device protection, which is a big claim.
there is no information about how this tech actually accomplishes this on their site. i suspect it's "stuff everything in the TPM because you can trust hw crypto" from normal memory, but this is just a guess. i would expect that the hw assurance claim is tied to storing id info in the TPM as well.
This has nothing to do with PRISM, but it's still neat technology.
> Using PrivateCore vCage, no trace of Tor server code or data is maintained in memory or on disk, eliminating the possible exposure of secret key material through memory forensics.
This isn't at all what the NSA's attacks on Tor are, but uh, good for them, I suppose.
Agreed. I would not be at all surprised if there were an NSA backdoor or known weakness in such a product, and you have no real way of finding out due to the proprietary nature.
So basically it's a VM/hypervisor that creates a random key that is stored on the cache or on cpu registers, and uses it to encrypt memory content. similar to tresor[1].
Seem like something that can be usefull for android devices, since the main vulnerability of android devices is the ability if chips(like the modem) that have closed source firmware , to access the ram.
This is ridiculous. Encrypting memory does not make Tor "PRISM-proof". The claim is that the NSA just grabs the keys from all of the Tor relays, which is ridiculous and not at all how the NSA has been publicized to do their tracking.
10 comments
[ 2.9 ms ] story [ 23.3 ms ] threadthere is no information about how this tech actually accomplishes this on their site. i suspect it's "stuff everything in the TPM because you can trust hw crypto" from normal memory, but this is just a guess. i would expect that the hw assurance claim is tied to storing id info in the TPM as well.
> Using PrivateCore vCage, no trace of Tor server code or data is maintained in memory or on disk, eliminating the possible exposure of secret key material through memory forensics.
This isn't at all what the NSA's attacks on Tor are, but uh, good for them, I suppose.
If Amazon or Rackspace got an NSL, would the NSA be able to get an image of your VPS without you being told?
It seems relevant.
Open source doesn't automatically guarantee anything, but you can't have real security without it.
Seem like something that can be usefull for android devices, since the main vulnerability of android devices is the ability if chips(like the modem) that have closed source firmware , to access the ram.
[1]http://en.wikipedia.org/wiki/TRESOR#Potential_vulnerabilitie...