1 |
On 4/16/06, Willie Wong <wwong@×××××××××.edu> wrote: |
2 |
> On Sun, Apr 16, 2006 at 09:54:33PM +1000, Penguin Lover Alan E. Davis squawked: |
3 |
> > He felt betrayed. I understand why, I think: what's secure about |
4 |
> > GNU/Linux if anyone can boot the system and reset his passwords? |
5 |
> |
6 |
> That is the same regardless of operating system. |
7 |
> Physical access == no security. |
8 |
> |
9 |
> > How can anyone easily avoid the problem of anyone being able to access |
10 |
> > the guts of his machine using a live CD? I already thought of one: |
11 |
> > use the BIOS to disallow booting from a CD or Floppy, and set a |
12 |
> > password on the BIOS. Don't know whether all BIOSes will allow this, |
13 |
> > and anyway, isn't it possible on a lot of motherboards to short out |
14 |
> > the EPROM and thus reset the password of the BIOS? |
15 |
> |
16 |
> You can also encrypt the contents of your hard drive. |
17 |
> http://tldp.org/HOWTO/Disk-Encryption-HOWTO/ |
18 |
|
19 |
But I can still get that hard drive and smash it to bits ;) |
20 |
|
21 |
Get a big dog. Tie him next to your PC. |
22 |
|
23 |
Seriously, if your friend can find an OS that can restrict access even |
24 |
if the attacker has physical access to the PC, then he should use |
25 |
that. |
26 |
|
27 |
Encryption is a good solution, even for backups. But it's a bit |
28 |
overboard for most users. |
29 |
-- |
30 |
Jed R. Mallen |
31 |
GPG key ID: 81E575A3 fp: 4E1E CBA5 7E6A 2F8B 8756 660A E54C 39D6 81E5 75A3 |
32 |
http://jed.sitesled.com |
33 |
|
34 |
-- |
35 |
gentoo-user@g.o mailing list |