On Sat, Jul 30, 2011 at 12:29:24AM +0900, 夜神 岩男 wrote: > Coming originally from secret squirrel land, one of the cardinal > security rules for us was simply "If the attacker has physical access, > you don't have security".
I would say "... you have much less security". No security is just not true. Doing all the things Dag said and using encrypted filesystems provides a certain security level even when physical access. > Physical acces to a system is where coded security gives way in absolute > terms to physical security measures. But again, that is if we're talking > about serious security environments and almost none of our use cases > probably represent that -- so we're left simply balancing usability vs > security like normal people. The assumption "almost none of our use cases probablt represent that" is a very bad starting point. Probably the people that completely fucked up GNOME (GNOME3 in Fedora 15 is almost unusable for most people I know) had a similar thought when they destroyed the GNOME desktop. -- -- Jos Vos <[email protected]> -- X/OS Experts in Open Systems BV | Phone: +31 20 6938364 -- Amsterdam, The Netherlands | Fax: +31 20 6948204
