Chapter 14. Security Printing and Seals

A seal is only as good as the man in whose briefcase it's carried.

— Karen Spärck Jones

You can't make something secure if you don't know how to break it.

— Marc Weber Tobias

Introduction

Many computer systems rely to some extent on secure printing, packaging and seals to guarantee important aspects of their protection.

  • Most security products can be defeated if a bad man can get at them — whether to patch them, damage them, or substitute them — before you install them. Seals, and tamper-evident packaging generally, can help with trusted distribution, that is, assuring the user that the product hasn't been tampered with since leaving the factory.

  • Many software products get some protection against forgery using seals and packaging. They can at least raise the costs of large-scale forgery somewhat.

  • We saw how monitoring systems, such as taxi meters, often use seals to make it harder for users to tamper with input. No matter how sophisticated the cryptography, a defeat for the seals can be a defeat for the system.

  • I also discussed how contactless systems such as those used in the chips in passports and identity cards can be vulnerable to man-in-the-middle attacks. If you're scrutinising the ID of an engineer from one of your suppliers before you let him into your hosting centre, it can be a good idea to eyeball the ID as well as reading it electronically. If all you do is the latter, he might be relaying the transaction to somewhere else. So even with ...

Get Security Engineering: A Guide to Building Dependable Distributed Systems, Second Edition now with O’Reilly online learning.
