On Friday 24 November 2006 05:37, Norberto Meijome wrote: > Precisely - MS makes a very strong (and valid) point of saying that once > 'the bad guys' have physical access to your box, the machine is owned. > > The was a (very cool) presentation in Ruxcon (ruxcon.org) this year about > hacking into someone's machine via Firewire. And even if it was an exploit, > neither the researcher/hacker nor MS would consider it "security issue", > because to use this FW attack you need physical access... ie, you've lost > the battle already, it's just a matter of picking your method of breaking > in.
I think that's a bit complacent of MS, given that most instances of their OS don't run on servers. If a desktop machine has encrypted partitions, it is protected against someone stealing it and breaking in at their convenience. Reading data from a running machine, shouldn't be as convenient and inconspicuous as plugging-in a cable. _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"