Erik N Johnson wrote:
John,
Does it make any difference at all whether I can easily gain control
of a Windows box with physical access? Since I can VERY easily gain
control of most Windows boxes over any old network they happen to be
I don't think you can so easily get control of users' computers I manage:-)
Most (82 % or so I read recently) problems on Windows boxes arise
because users use administrator accounts for daily tasks. If you've
installed Windows XP, even up to SP3, recently you will find it easy to
see why they would. Very likely without passwords.
I don't use Windows a lot. However, I don't use admin accounts for
regular use, I take some care about where I get my software, and I don't
engage in filesharing. I also don't use AV software.
connected to? I contend that physical security is a MUCH simpler
problem to solve than network security. How does OpenBSD stand up to
a physical attack?
I've never even installed OpenBSD. I've had a quick look at FreeBSD.
My first try would be alternative boot media, same as works with Windows.
Erik Johnson
On Mon, Feb 23, 2009 at 5:37 PM, John Summerfield
<[email protected]> wrote:
Ivan Warren wrote:
John Summerfield wrote:
This is what I would do, and why I reckon Linux security to be so
feeble[1]. One does need to know the commands to mount needed
filesystems.
[1]Give me your disk or physical access to your computer, and not even
your boot-time password's enough.
Hmm.. Even boot-time controled whole disk encryption ?
May depend on where the key is:-) And, I'd need time for research.
Then again.. besides from the above example, it's pretty much true for
any system (not only linux)..
Windows is a little more difficult, I need a Linux boot disk and the
right program, and if it's a domain controller there's another trick
after that.
Which reminds me, I still have a fight to win against OS X.
--
Cheers
John
-- spambait
[email protected] �[email protected]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or
visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
--
Cheers
John
-- spambait
[email protected] [email protected]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
