cpghost cpghost at
Wed Jun 3 13:33:47 UTC 2009

On Wed, Jun 03, 2009 at 01:15:32PM +0200, Wojciech Puchar wrote:
> > there, it's easy to hijack the X session (including keylogging etc.).
> You mean Xorg can easily be hijack'ed that way?

If you can connect to the X server, you can also attach any
kind of monitoring software to it. Think vncserver and the like...

> > So you'll start another Xorg process as the other user, but are you
> Nothing forbids you to start 2 X servers and do console switching.

That's what I do, and it's easy enough.

> >> It's a matter of protecting yourself from "big brothers" that watch
> >> others.
> >
> > Or from "little brothers" that explicitly target your infrastructure
> > (think: industrial espionage etc.). Those attackers are much more
> > worrying that your usual suspects, script kiddies et al., as contrary
> > to the broad attackes of the latter, the former usually have more
> > resources, including time, to conduct targeted penetration attempts
> > into your secure environment.
> But they will not attack your company for sure.

It always depends on the company...

> There are MUCH simpler methods. Just pay few bucks to charwoman to look at 
> papers glued to monitor with passwords on them ;), or maybe a minute more 
> to look at different places.

Oh yes indeed: THAT's always bee the more serious threat,

And don't forget about TEMPEST-like kinds of attack: you can't
imagine just how much information you give away on the electromagnetic
spectrum, even if you don't use WLANs... information that can be picked
up a few hundred meters away or even more outside of your security
perimeter and reconstructed.

Talking about (justified?) paranoia: some 10 years ago, we had some
routing equipment in a server room that was NOT in the basement (i.e.
it had a window to the outside). Guess what? We had to put black
electrician's tape on the switches' LEDs, because it turned out that
those LEDs were blinking at the exact rate of the transmitted data,
bit-for-bit, and that anyone with a telescope and an optical sensor
could have picked that pattern up, and reconstructed the data stream.

Scary, uh?

> Are you sure the employees in your company doesn't do that? :)

I can't, but that's the job of our security dept. They're conducting
the background checks. If they still missed a human "troyan," well,
that's life. ;-)


Cordula's Web.

More information about the freebsd-questions mailing list