[Linux-disciples] Why no password for the root account?
Dylan Thurston
dpt at lotus.bostoncoop.net
Sat Apr 30 19:28:25 EDT 2005
On Sat, Apr 30, 2005 at 05:44:10PM -0400, Stephen R Laniel wrote:
> On Sat, Apr 30, 2005 at 03:26:19PM -0400, Dylan Thurston wrote:
> > In general, it is never possible to secure a computer from an attacker
> > with physical access. Systems differ a little in how difficult they
> > make it, but sometimes people feel that it's not worth pretending.
>
> I was having just this conversation with Adam mere minutes
> ago. Fate, it was.
>
> Let's imagine I
>
> 1) included a physical lock on my laptop;
> 2) had a password-protected BIOS;
> 3) had an encrypted filesystem with a secure password;
> 4) required an account to log in (no passwordless root
> access)
>
> Probably a determined attacker with all the time in the
> world would be able to get in, but I'd think that item 3)
> alone would be quite the block. No?
The first attack I can think of would be to install a keyboard
sniffer.
The lock or password-protected BIOS isn't going to help you much. All
locks can be broken given enough time. And the BIOS can be replaced
if there's no easier way around it.
Don't forget your boot loader.
Peace,
Dylan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.bostoncoop.net/pipermail/linux-disciples/attachments/20050430/7ee937e1/attachment-0001.pgp
More information about the Linux-disciples
mailing list