by jrockway
2805 days ago
I mean, this is why things like "secure elements" and "trusted platform modules" exist. You have a piece of hardware that stores encrypted data, and it can't be accessed until that hardware is convinced that the operator is requesting the access. The simplest example is a U2F key. It will not even sign an authentication request for a website until it detects that a human operator has asked it to do so (by touching it while flashing). That prevents malware from authenticating on your behalf. (You can still be tricked into authenticating, though, and then the malware will just steal the cookie you got. That is why things like secure boot exist; if the hardware verifies the OS and the OS verifies the hardware, then you can be reasonably sure that security protections are in place and that random software downloaded from the Internet can't interact with secure areas of your hardware. Modulo bugs in the OS, which is hardly a guarantee given how complex they are these days.)