Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Helmut Wuensch <helmut@...>
Subject: Re: Boot CD for secure remote access
Date: Wed, 23 Nov 2005 23:35:43 +0100
On Wednesday 23 November 2005 21:29, Jeff Gercken wrote:
> I've been chewing on this idea for a while and am hoping someone on the
> list may help me with a concern.
>
> The notion is that big company B will distribute CDs to employees to use
[...]
> This seems fairly straightforward but then why isn't anyone doing this
> already?  What haven't I considered?

Hi,

sounds interesting (and i personally like this idea), but i think it is much 
more easier/reliable (but also more expensive) for a company to equip their 
employees with special pre-installed notebooks that have an encrypted 
filesystem together with some kind of hardware-token for authentication.

The problem is, if you cannot trust the hardware you're booting the cd from, 
then there is not much use in any well-designed security-boot-cd. Just think 
of tampered hardware with some kind of hardware-keylogger installed (for 
example http://www.keyghost.com/)

I think this is just one aspect why so many companies spend so much money in 
expensive notebooks for their external workers: they have control over the 
software _and_ the hardware.

Maybe the use of TPA-Architectures will solve this problem in the future 
(*lol*), but i think this is completely another story :)

regards,
Helmut


-- 
Helmut Wuensch, Dompfaffstr. 140, 91056 Erlangen
PGP/GPG public key available at http://www.helmut-wuensch.de
fingerprint: 20B7 519F 8912 4606 F516  FF2D 417E EF82 5C9E 235A
Attachment:
pgpLNpF04Htpd.pgp (PGP signature)
References:
Boot CD for secure remote access
-- Jeff Gercken
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Boot CD for secure remote access
Next by thread:
Re: Boot CD for secure remote access
Previous by date:
Re: Boot CD for secure remote access
Next by date:
How to make iptables log to a separate log file?


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.