Hi Mike, I followed the threads on hardware-wp. The last information I read was that you have to do some SMD soldering to get the write protection feature. I think that this is not well suited for many people as you need some soldering experience to do this. The last information i got from apacer is that it is possible to write protect the device, but they don't sell devices with write protection as there are not enough customers to request this feature.
Also I am a little bit astonished as all people on the list agree that any additional level of protection is an improvement. But in the discussion about software-wp people argument as if it would make things worse. I still think it is an improvement of security to protect the ramdisk and to restrict access to the boot device as far as possible. This increases the required skills of an intruder and also the chances to detect an intruder. If you check the mounting options of the ramdisks every second, an intruder has only one second to compromise the system and to install and run the tools to hide the intrusion. The protection can completely be done in a package. A few changes (make /var a seperate file system, separate mount from busybox) in the base system would make things easier and do no harm to the system. The user can then decide to use the package or not. I'm short of free time at the moment, but maybe in the next weeks I get the occasion to make a beta-version of this package. I will post then the information on the list when it is available. Manfred Mike Noyes schrieb: > > On Sat, 2002-06-29 at 08:34, Mike Noyes wrote: > > On Sat, 2002-06-29 at 06:15, Manfred Schuler wrote: > > > one reason for software write protection is that people using flash/hard > > > disk at the moment have no other possibilities. And even if it is not > > > perfect, it is better than nothing. > > Manfred, > I forgot to mention SCSI as a solution for hard drives. SCSI drives have > had the ability to do hardware write-protect for many years. > > > Manfred, > > There are alternatives to software write-protect. Current generation > > flash disks are capable of hardware write-protect. They use two > > different approaches: > > > > * Custom ATA controllers on the IDE compatible flash disk. > > ATA-Disk Module > > http://www.sst.com/products/58sm_lm.html > > ATA-Disk Chip Application Notes > > http://www.sst.com/superflash/pdf/222.pdf > > ATA-Disk Module Product Brief > > http://www.sst.com/ata_disk/admbrief.pdf > > ATA-Disk Module (Apacer) > > http://www.apacer.com/product/flash/index_adc_adm.html > > > > * A software and hardware combination that changes the write state > > of the flash disk in hardware. > > Secure Disk on Module (SDOM) > > http://www.pqi.com.tw/eng/ourproduct/sdom.htm > > -- > Mike Noyes <[EMAIL PROTECTED]> > http://sourceforge.net/users/mhnoyes/ > http://leaf-project.org/ > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > No, I will not fix your computer. > http://thinkgeek.com/sf > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Manfred Schuler E_Mail: mailto:[EMAIL PROTECTED] ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
