by talltower 3551 days ago
Correction. The temperature monitor is INSIDE the secure shell.
3 comments

He's talking about display monitors AKA the screens which can be exploited via the i2c bus over the graphical interface (e.g. HDMI).

The GP is 100% correct: if you can't trust your keyboard, mouse, and the monitor, the "secure computer" concept in this case is problematic. While it does reduce the attack surface somewhat, it just focuses the attention of the adversary onto a different vector.

If we take their "cleaning man/evil maid" scenario then while implanting the computer might not be possible, implanting the keyboard, mouse or screen would be very possible, and in fact somewhat easier than implanting a regular computer with decent security measures such as an encrypted drive.

Add a USB storage device with a micro-controller to the keyboard and you own the computer once it's connected. A monitor today comes with a CPU powerful enough to run custom code, which can be used to exfiltrate data as well.

Additionally, both the keyboard and the monitor could potentially be used to exploit software flaws in the software running on the ORWL unit also.

The concept is interesting, however this is mostly "security theater". Any adversary which would be sophisticated enough to require taking these measures would likely be able to circumvent them, and for the rest these measures don't really do anything. If you use this for day to day operations or on-net activity, you'll get pwned via the network; if you keep secrets on this thing worthy of sending someone into your home to implant your PC, then they'll implant something else which is connected to it.

Oddly enough, the only "high tier" adversary that this might thwart would be law enforcement, since their computer forensic SOP would pretty much melt down when encountering something which is tamper resistant.

But hey, you gotta start somewhere.

I'm a bit surprised that, in 2016, there is no standard way for a computer to authenticate its keyboard and monitor. Has anyone even thought about how that could be done?

HDCP is arguably the standard for authenticating the monitor, but it's not quite intended for this purpose. I'm not aware of a standard for authenticating input devices, but disabling USB HID and relying solely on tamper-evident PS/2 input devices goes a long way.

Even if you can, you implant a keylogger onto the keyboard, and some malware/implant into the screen, you get a full readout of every keystroke and every pixel displayed.

If you are going to prevent physical attacks from adversaries that can circumvent basic protection (e.g. FDE) you have to make sure that every device is as secure because the system is as secure as its weakest link.

If your adversaries are just the random person that might steal your PC, then any full disk encryption, even a cryptographically insecure one, would be sufficient, because the people who end up dealing with these devices won't have the know-how or the resources to attack even bad encryption.

Yes, but since an application is DRM the hacker groupthink decided that this was a double unplus good thought and so no one should think it lest evil happen.

GP probably means display monitor, not temperature monitor.

I do mean display monitor, not temperature monitor.

Thanks for the correction. I was not sure at the time.