Password Security
RW
list-freebsd-2004 at morbius.sent.com
Fri Nov 24 04:11:46 PST 2006
On Friday 24 November 2006 05:37, Norberto Meijome wrote:
> Precisely - MS makes a very strong (and valid) point of saying that once
> 'the bad guys' have physical access to your box, the machine is owned.
>
> The was a (very cool) presentation in Ruxcon (ruxcon.org) this year about
> hacking into someone's machine via Firewire. And even if it was an exploit,
> neither the researcher/hacker nor MS would consider it "security issue",
> because to use this FW attack you need physical access... ie, you've lost
> the battle already, it's just a matter of picking your method of breaking
> in.
I think that's a bit complacent of MS, given that most instances of their OS
don't run on servers.
If a desktop machine has encrypted partitions, it is protected against someone
stealing it and breaking in at their convenience. Reading data from a running
machine, shouldn't be as convenient and inconspicuous as plugging-in a cable.
More information about the freebsd-questions
mailing list