On Wed, Aug 5, 2009 at 11:30 PM, John Floren <slawmas...@gmail.com> wrote:

> On Wed, Aug 5, 2009 at 11:15 PM, Corey<co...@bitworthy.net> wrote:
> > On Wednesday 05 August 2009 19:42:54 Anthony Sorace wrote:
> >> > * I hope I don't get beat up on this one (well, I hope I don't get too
> >> > beat up on _any_ of these questions...), but it seems strange that
> >> > something as important as a cpu/auth server would just go and boot up
> >> > right into the hostowner... apparently this is a non-issue - so what am I
> >> > not understanding?
> >>
> >> philosophy. plan9, like research unix before it, recognizes that if
> >> you have physical access to the box, all bets are off anyway.
> >>
> >
> > Well, sounds like a flawed philosophy taken too far.
> >
> > Flawed, because all bets are not necessarily off with physical access;
> > and taken too far, because... dang, what harm is there in providing
> > that last means of interference to a hostile?
> >
> > Cpu/Fs/Auth server says: "If you can touch me, I'm _all_ yours..."
> >
> > What a fascinatingly... loose... form of security, if you catch my drift.
> >
> >
> >> security consists of locking your door.
> >>
> >
> > ... which means bootes is just a quick hacksaw or boltcutter or
> > crowbar away... so why even bother with a locked door?
> >
> > Security is ultimately about the price/time/effort/skills a potential
> > attacker (or vandal) is willing (and able) to put forth in order to overcome
> > a system's security measures. A password is amazingly effective for a
> > vast number of the most common circumstances encountered in many
> > typical environments.
> >
>
> I argued this once too, but eventually came around to the Plan 9 way
> of thinking. Once you have physical access to the machine, it's yours
> anyway. Just boot the Plan 9 CD and mount the fossil or any of the
> other possibilities that arise when you are able to physically insert
> bootable media into a system and force it to reboot.
>
> If your Linux system is sitting out, oh no, there's a big scary login
> prompt! First thing I try is rebooting and adding "single" to the end
> of the kernel options. If that doesn't work, I grab a bootable Linux
> CD, boot it, and mount your filesystem. Unless you're encrypting the
> disk (probability: low), it's all mine now.
>
> I don't remember the procedure, but I'm pretty sure VMS (reputedly one
> of the most secure OSes, if not the most secure OS, in use today) has
> a similar option for bypassing the console password on boot, and of
> course you can always steal the disk and take it elsewhere, mount a
> new boot tape, etc.



You can boot firewire macs (at least the PPC variety, maybe also the intel
ones) in "target disk mode".  This makes them mountable as a disk from any
computer that knows how to do so with firewire.

Physical access makes security pretty much impossible.   The latest thing
people do to thwart prying eyes is to encrypt the filesystem itself (or at
least the home directory).  Even that was poorly done as an unencrypted swap
file often had passwords in plaintext available on the mac.

Perhaps storing secure data in the cloud is always safer?  :-)

Dave


>
>
> John
> --
> "Object-oriented design is the roman numerals of computing" -- Rob Pike
>
>
