[Cryptech Tech] dev-bridge board

Peter Stuge peter at stuge.se
Fri Dec 18 14:19:39 UTC 2015

Previous message (by thread): [Cryptech Tech] dev-bridge board
Next message (by thread): [Cryptech Tech] dev-bridge board
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jacob,

Randy Bush wrote:
> > why do you guys use the FT232 (or consider a MPU-based USB interface)
> 
> this is a security device.

Here everyone agrees.

> usb is a big hole.

That's Randy's opinion. I have a different opinion - maybe because I
have a good decade of experience with the protocol, maybe because I
am a hipster, as Randy put it. :)

> we want i/o to go through as small a hole as possible.

I maintain that this philosophy is flawed for security devices as
well as for others.

I prefer structured low-level communication over byte stream parsers
in all my security devices, because it removes a large portion of
error-prone code not only in the device, but also in the host. I do
admit that I too have fun writing such code, but that's not an
argument, and I do not consider it more secure.

//Peter

Previous message (by thread): [Cryptech Tech] dev-bridge board
Next message (by thread): [Cryptech Tech] dev-bridge board
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Tech mailing list