On Tue, 30 Apr 1996, Jay Carlson wrote: > > There are programs available on the net which will cause a BIOS checksum > > error. At bootup this error will allow the intruder into the BIOS setup > > without a password (BIOS defaults are taken). > > How do you run these programs under Debian?
I don't know. The ones I've seen have been DOS binaries; perhaps DOSEMU would work. > > > The intruder can then boot off of a floppy and access the machine regardless > > of any OS security. NT, which is heralded as "C2 secure", and its NTFS > > file systems are just as susceptible as any Linux or DOS/Windows box. > > > If you can't secure the machine, you can't secure the system. You can > > still secure information through encryption however. > > As long as you've secured the keys as well. Ayup. Strong encryption isn't much good if you have 'xhost +' in your startup script. In fact, I do my en/decrypting on a PC, is there a really secure way to do it on a UNIX multiuser system? Is SSH sound enough for this? Didn't someone mention they were going to make a Debian SSH package? BTW, the Leahy bill makes the designation of a key holder (key escrow) strictly voluntary. _____________________________________________________________________ Don Gaffney (http://www.emba.uvm.edu/~gaffney) Engineering, Mathematics & Business Administration Computer Facility University of Vermont - 237 Votey Building - Burlington, VT 05405 (802) 656-8490 - Fax: (802) 656-8802
