Timeline for answer to Open-Source Hardware Security Modules (HSM) by ThoriumBR
Current License: CC BY-SA 4.0
Post Revisions
6 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 25, 2021 at 3:49 | comment | added | rip... | Tamper evident packaging, tamper evident seals on the appliance, and the external erase button. And we've had people come to the office to pick up the equipment rather than risk it being intercepted in shipping. If you don't trust the process, ask for a different one. | |
| Mar 24, 2021 at 23:30 | comment | added | ThoriumBR | It depends on how much it costs. My company sells them for quite a lot, so we are the mail. There are several tamper-evident seals on the parts, and we have to check them all before opening. | |
| Mar 24, 2021 at 23:22 | comment | added | Michael Altfield | Not sure if anti-interdiction is part of the certs, but I was very disappointed by Utimaco. I wouldn't consider tamper-evident packaging sufficient if the whole tamper-evident bag can be taken off and replaced by another tamper-evident bag. That's not what I would call anti-interdiction services. I think Purism does it right puri.sm/security | |
| Mar 24, 2021 at 23:15 | comment | added | ThoriumBR | A device FIPS-certified will arrive with tamper-evident packaging and health checking routines, so "modified in transit" will be evident on arrival. Source: I work for a company that makes HSMs, and have personally installed a couple of them. | |
| Mar 24, 2021 at 22:44 | comment | added | Michael Altfield | You totally sidestepped the risk of interdiction. Certifications mean nothing if the device that arrived by post has been modified in-transit. | |
| Mar 24, 2021 at 22:35 | history | answered | ThoriumBR | CC BY-SA 4.0 |