[techtalk] no modem etc

[Jeff]

On Fri, Apr 07, 2000 at 11:36:37AM -0500, Jeff Dike wrote:
> None of that really matters if you're serious about security.  It may prevent 
> people from accidentally doing stupid things.  It does nothing to prevent 
> malicious people with access to the hardware from hitting the power button, 
> pulling the plug, applying power tools to the case, etc.  Once they have the 
> system off, they can boot it up to single-user and do anything they want.

You *can* password the BIOS and LILO, but you can still get around that
by taking off the case and stealing the harddrive, then you put it into
a machine you have root on and mount the partitions.  

Of course, you encrypted your data, didn't you?

The real question is, how paranoid are you, because for just about any
given security violation, you can put a nasty obstacle in.  It's a
really good chicken and egg problem.  Which is why you estimate how
likely it is someone will get at the console or even try some of these
things. 

-- 
Jeff
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/M/>P d-(pu) s+:- a17>? C++(++++) L+++ UL++++@>$ P+ E--- W++@ N+ o? K++ w--- O? M V- PS+ PE(--)@ Y+@ PGP++ t+ 5 X++@ R++@ !tv@ b++ DI++++ D- G e- h! r% y?
------END GEEK CODE BLOCK------

My Public Key -- http://24.5.73.229/pubkey.txt 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 248 bytes
Desc: not available
Url : http://linuxchix.org/pipermail/techtalk/attachments/20000407/05479da6/attachment.pgp