Moin,
Am Wed, 5 Nov 2014 20:29:07 +0100 schrieb "
mathieu...@gmail.com"
<
mathieu...@gmail.com>:
> and *not *the password. You may be confused by the
> NODE_BLOCK_IMPORT_EXPORT define that isn't activated in the
> production version (or beta tester version for the matter).
Still, he has a point that I hadn't thought about earlier: If there's
no additional protection on the backup feature, an attacker can do this:
a) prepare a malicious mooltipass M in advance (e.g. buying one and
then doing a 'firmware update' on their own hardware, as is their
right)
b) in a moment of short access to a victim's mooltipass V:
b1) do an export from that device V
b2) import the data onto the malicious device M
c) swap V and M, e.g. leave the malicious device where the victim left
it, and take the original victim's device with them.
On short notice I can't think of an effective way to prevent that
without sacrificing the interchangeability of mooltipass and keycards,
and hence the whole point of back-ups.
--
Henryk Plötz
Grüße aus Berlin
~ Help Microsoft fight software piracy: Give Linux to a friend today! ~