Don Y wrote:
Ah, excellent! But, is their intent to catch "incorrectness"
caused by, e.g., hardware failures? I.e., do they assume they
are operating in a HOSTILE environment or just an UNFRIENDLY
one?
For example, most machines' bootstrap code contains checksums.
But, you can usually hack those images if you spend a little
time tweaking the checksum in the process (so the code thinks
everything is fine).
OTOH, cryptographic signatures are *designed* to prevent
(uh, "strongly discourage" :> ) this.
I can't tell you the particulars because I don't know them. However,
the OS does sign the binaries to detect tampering, for both security
reasons and to ensure that IBM gets what IBM thinks is due. ;-)
The bootstrap code on something like an S38/AS400/iSeries is like an
entire operating system by itself, and I have no idea of what that code
is protected by, or even what it is running on this week. (The machine
uses a 'service processor' for at least part of the self-check and boot.)
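An added example, not from either poster and not IBM's code, that puts the checksum-versus-signature point from the exchange above into runnable form. It builds a constructed bootstrap image twice, once with a CRC32 trailer and once with an Ed25519 signature trailer, alters the code body of each, and then runs the check a loader would run. The checksum image is "fixed up" by recomputing the CRC, which needs nothing beyond what the device itself holds; the signed image cannot be fixed up because the private key is not on the device, so only the stale signature can be kept. Everything here (the image layout, the trailer formats, the `Compare` helper) is an assumption made for the illustration; the only thing the real system is assumed to share is the property that the verifier holds a public key and not the signing key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
	"hash/crc32"
)

// Image is a constructed stand-in for a bootstrap image: the code body plus a
// trailer that holds either a CRC32 (checksum scheme) or an Ed25519 signature.
type Image struct {
	Code    []byte
	Trailer []byte
}

// checksumImage builds the checksum-protected form: CRC32 over the code,
// stored big-endian in a 4-byte trailer. Anyone who can read the code can
// produce this trailer, which is the weakness the thread describes.
func checksumImage(code []byte) Image {
	t := make([]byte, 4)
	binary.BigEndian.PutUint32(t, crc32.ChecksumIEEE(code))
	return Image{Code: append([]byte(nil), code...), Trailer: t}
}

// checksumOK is the check a checksum-only loader performs.
func checksumOK(img Image) bool {
	return len(img.Trailer) == 4 &&
		binary.BigEndian.Uint32(img.Trailer) == crc32.ChecksumIEEE(img.Code)
}

// signImage builds the signature-protected form. The private key stays with
// the vendor; it is never present on the device that verifies.
func signImage(code []byte, priv ed25519.PrivateKey) Image {
	return Image{Code: append([]byte(nil), code...), Trailer: ed25519.Sign(priv, code)}
}

// signatureOK is the check a signature-verifying loader performs, using only
// the public key it carries (assumed here to be baked into ROM or held by a
// service processor).
func signatureOK(img Image, pub ed25519.PublicKey) bool {
	return ed25519.Verify(pub, img.Code, img.Trailer)
}

// modifiedImage models an image whose code was altered and whose trailer was
// then "fixed up" with what is available on the device: for the checksum
// scheme that is a fresh CRC32; for the signature scheme there is no private
// key on the device, so the old trailer is all that can be kept.
func modifiedImage(img Image, patch []byte, recomputeCRC bool) Image {
	code := append([]byte(nil), img.Code...)
	copy(code, patch) // overwrite the start of the code body
	if recomputeCRC {
		return checksumImage(code)
	}
	return Image{Code: code, Trailer: append([]byte(nil), img.Trailer...)}
}

// Result records, for each scheme, whether the unmodified image passes and
// whether the modified image still passes the loader's check.
type Result struct {
	ChecksumCleanOK, ChecksumModifiedOK   bool
	SignatureCleanOK, SignatureModifiedOK bool
}

// Compare runs both schemes over the same constructed image and patch.
// Expected: checksum clean=true modified=true; signature clean=true modified=false.
func Compare() (Result, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Result{}, err
	}
	code := []byte("constructed bootstrap image: init hw; verify ROM; load OS") // constructed sample
	patch := []byte("PATCHED")

	chk := checksumImage(code)
	sig := signImage(code, priv)
	return Result{
		ChecksumCleanOK:     checksumOK(chk),
		ChecksumModifiedOK:  checksumOK(modifiedImage(chk, patch, true)),
		SignatureCleanOK:    signatureOK(sig, pub),
		SignatureModifiedOK: signatureOK(modifiedImage(sig, patch, false), pub),
	}, nil
}

func main() {
	r, err := Compare()
	if err != nil {
		panic(err)
	}
	fmt.Printf("checksum:  clean=%v modified=%v\n", r.ChecksumCleanOK, r.ChecksumModifiedOK)
	fmt.Printf("signature: clean=%v modified=%v\n", r.SignatureCleanOK, r.SignatureModifiedOK)
}
```

The design point for a defender: a checksum only answers "was this image damaged by accident?", which is the hardware-failure case Don Y asks about; a signature also answers "was this image produced by the holder of the signing key?", which is the hostile case. Both checks cost about the same at boot time; the difference is entirely in what the attacker would need to possess to make the check pass.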