On Thu, Sep 06, 2012 at 10:23:58AM -0400, John Abreau wrote: > On Thu, Sep 6, 2012 at 10:17 AM, Edward Ned Harvey (blu) > <[email protected]> wrote: > > > Why is this a discussion? Why wouldn't you just lock the screen, or > > suspend/resume a remote session, rather than killing everything? > > > > I know I lock my screen every time I walk away. At work it's important for > > security because I've got all my root and admin sessions open, password > > lists, etc. At home, it's important, because my 3-yr old daughter loves to > > press buttons and things. > > > > > Earlier in the thread, someone asserted that locking the screen was > not good enough, and that completely logging out every time you walk > away from the computer was the One True Faith.
It depends on your threat profile. If you are in an insecure area with a high value target, you must take the computer with you every time you leave. Example: airport, transit terminal, shared office space with people you do not trust. (Threats: Physical theft. Hardware alteration with a keylogger or malicious bootloader. Cryogenic RAM preservation.) If you are in a generally secure area and do not have a target sign painted on your back, locking the screen is probably good enough even for overnight or over-weekend. E.g.: most office spaces without frequent visitors. For a particularly low-value target, like my living room PC, you could reasonably use a screensaver and no password at all. -dsr- _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
