On Thu, Oct 22, 2009 at 05:50, Rich Kulawiec <[email protected]> wrote: > On Wed, Oct 21, 2009 at 09:20:08PM -0700, Paul Ferguson wrote: > > It doesn't have to be a "trusted admin" -- putting my "evil" cap on, it > > could certainly be someone who impersonates a "trusted admin" or > > "interested party". > > Right. So now we have an existence proof that OnStar has this capability, > and the problem reduces to figuring out how to exploit it. > > I wonder if anyone there has considered the consequences that would > ensue should someone penetrate their security and send out the signal > to shut them *all* down. > > ---Rsk > > Well, there is exploiting it, and there is mitigating it. I remember when a group was implementing a cert authority, and was fairly impressed by the checks. Master password in a safe, locked in a 5 sided cage welded to the floor. Only 2 people and one facilities director had access, and there was a "2 physical key" factor to gain access to the cage. _no_ network access out of the cage, and all servers associated with the installation were inside the cage.
Could the cage be exploited? Sure, but the last piece is the safe. That takes a gun to a head methinks, and by then you probably have other issues. I am just saying that those of us that can, do what we can to protect things. I hate the phrase "disaster recovery". I much prefer disaster mitigation, which when I think about it is pretty much what a lot of us here also do. Cool. Thanks for getting me thinking about this. hmmm.... How to make it so it does not matter if an installation has been compromised...? --steve -- steve pirk refiamerica.org "father... the sleeper has awakened..." paul atreides - dune kexp.org member august '09 Sent from Bremerton, WA, United States
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
