[techtalk] Physical security example
coldfire
rolick571 at duq.edu
Tue May 15 21:38:56 EST 2001
> Just a note about physical security.. keep in mind.. if your physical
security plans aren't realistic... you may end up creating a worse
situation.. ie. lets take a door where you have to use 10diffrent
bio-scans to get into the facility.. and people have to do it
constantly.. how long do you think it'll take before people start
"holding the door open" to strangers or leaving it propped open and the
like?
this is always .. *always* an issue.
> by the way.. I don't entirely buy the classical "if they have physical
access then they own the box" ideal.. to me thats like saying just
because I can touch a painting at an art gallery I own it.. there is more
to accessing a system then getting your hands on it..
and as for physical access? there's nothing to really stop anyone from
comprimising the box after obtaining physical access. bios passwords,
lilo passwords, ... they can all be bypassed given physical access. it
would take time, granted, but it is possible.
abe
More information about the Techtalk
mailing list