Open_Source
Wojciech Puchar
wojtek at wojtek.tensor.gdynia.pl
Wed Jun 3 14:45:55 UTC 2009
>> You mean Xorg can easily be hijack'ed that way?
>
> If you can connect to the X server, you can also attach any
> kind of monitoring software to it. Think vncserver and the like...
vncserver creater new X server. Can't monitor yours unless you have
special module for X server installed and loaded (it is in ports)
>> Nothing forbids you to start 2 X servers and do console switching.
>
> That's what I do, and it's easy enough.
and works.
>> papers glued to monitor with passwords on them ;), or maybe a minute more
>> to look at different places.
>
> Oh yes indeed: THAT's always bee the more serious threat,
> security-wise.
so it's the first thing you should care about.
Humans are ALWAYS weakest point of any security system.
How many employees of your company ACTUALLY understand what are passwords
for.
Really? Yes, probably most of them don't, just know that it's something
you have to type in ;)
> And don't forget about TEMPEST-like kinds of attack: you can't
> imagine just how much information you give away on the electromagnetic
> spectrum, even if you don't use WLANs... information that can be picked
forget about it. it's too difficult compared to abuse of common human
dumbness.
Kevin Mitnick book is really worth of reading. i read polish translation.
He NEVER cracked any system by using exploits. He just politely asked for
a password.
More information about the freebsd-questions
mailing list