-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Robert J. Hansen wrote:
> On 10/11/2011 05:14 PM, Jean-David Beyer wrote:
>> Let us assume you are the bad guy
>
> Okay.
>
>> Unless you have my encrypted keys, you have to access my computer
>> (unless you have already stolen it, in which case there are much
>> easier ways to invade the machine), you will have to try logging in
>> through the Internet (in the case of my machine), and the first
>> thing you will hit is the login program.
>
> Hold on a second there. You seem to be making some extremely
> unwarranted assumptions.

Quite possibly. And unwarranted assumptions are especially pernicious because those are typically those I am unaware of making. I am not a security expert anymore. I really was never a security expert, though I was once put in charge of security for 10 VAX machines running UNIX, but this was around 30 years ago almost before the Internet. Some of us were using uucp on dialup, but that was about it. In those days it was almost impossible to get the users to use passwords on their accounts.
>
> If I want your secret key material, I'm not going to steal your
> computer. I'm going to use an exploit to bypass your login, plant a
> Trojaned version of GnuPG, and laugh all the way to the bank.

I realize if you stole my computer that I would notice it. If you broke into my house skillfully enough that I did not notice it, you could install a key logger, or copy my hard drives, steal my backup tapes, ... . But you could also remove all protections by getting in as the root user (on UNIX-Linux). And I might not notice that. The trick is to do that from the Internet. I have some safeguards to protect me, and they may protect me from amateurs, but an expert might be able to defeat me.

It seems to me that to do much damage to my machine, you need to get a shell with root access. And to do that, do you not pretty much need the root password? Or hijack a program that is currently running with the root privileges? I never run a web browser as root. But there are demons that run and some have root privileges. Such as the download mechanism to download updates from Red Hat. My nameserver does not run as root. I do not run telnet. ssh will talk only to specified IP addresses on my LAN. My firewall will not accept messages from outside unless in reply to something I sent out, so I believe it would take a man-in-the-middle attack to get past that unless the firewall is defective. I actually have two firewalls; a primitive one in the router that comes with Verizon's FiOS service, and another one using iptables. These, too, could have bugs, especially if I made a mistake in programming the iptables firewall.
>
> Modern-day operating systems are frightening -- terrifyingly --
> insecure. A while ago Vint Cerf estimated that about one desktop PC
> in five was already pwn3d. That's a number that keeps me awake at
> night.
>
At one extreme, the only way to be pretty safe is to have a machine that is not connected to the Internet, and have U.S. Marines to guard the hardware and access to it. I do not choose to defend myself against threats that would reasonably require that. I want my security to be weak enough that the black hats would not resort to torture to get the information they want.

The friends of mine that even know what computer security might mean do not even encrypt their e-mails, though they worry about its being intercepted. Friends complain if I digitally sign my e-mails. I assume if they could accept encrypted e-mails, that they would save them in clear form on their machines anyway. So maybe I am kidding myself.

I do not think my machine has been taken over. For one thing, I can pretty much see the Internet traffic from it, and when I am not doing anything, not much goes down the Internet. A friend whose machine was hacked (Windows ME) had lots of Internet traffic and the machine got impossibly slow. The hard drives never stopped clicking. I do not have that, though the hard drives on this machine do not click, but the Xosview program shows that when nothing is going on, nothing except BOINC programs run. The demons do, but they do not use any processor time.

If I ran this machine as a server, my problems would surely be worse.

- --
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key: 9A2FC99A         Registered Machine   241939.
 /( )\ Shrewsbury, New Jersey    http://counter.li.org
 ^^-^^ 08:50:01 up 6 days, 17:23, 4 users, load average: 5.14, 4.93, 4.94
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org/

iD8DBQFOlu/MPtu2XpovyZoRArvUAKC022RLKvUmsbM1XD5shR+xrB06kQCdEDE+
gx/6aDndO7obVhfgZVEMk6o=
=yjMn
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
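
The firewall posture described in the message above (inbound traffic accepted only as replies, ssh limited to named LAN addresses, and the worry about a mistake in the iptables rules) can be checked mechanically. The following is an added example, not part of the original message: a Python audit of an `iptables-save` dump, in which the sample ruleset, the addresses and the function names are constructed for illustration.

```python
import shlex

# Added example: names and the sample ruleset are constructed, not the poster's.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.1.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 631 -j ACCEPT
COMMIT
"""

def opt(tok, flag):
    """Value after flag, or None. A negated match ('! -s x') counts as absent."""
    if flag not in tok:
        return None
    i = tok.index(flag)
    if (i and tok[i - 1] == "!") or i + 1 >= len(tok):
        return None
    return tok[i + 1]

def audit_input(dump):
    """Return findings where the filter INPUT chain departs from the stated policy."""
    findings, policy, replies, table = [], None, False, None
    for line in dump.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        tok = shlex.split(line)
        if tok[0].startswith("*"):
            table = tok[0][1:]          # table header such as *filter or *nat
        elif table != "filter":
            continue
        elif tok[0] == ":INPUT":
            policy = tok[1]             # default action for unmatched packets
        elif tok[:2] == ["-A", "INPUT"] and opt(tok, "-j") == "ACCEPT":
            states = (opt(tok, "--state") or opt(tok, "--ctstate") or "").split(",")
            if "ESTABLISHED" in states and "NEW" not in states:
                replies = True          # reply-only rule, as the message describes
            elif opt(tok, "-i") != "lo" and opt(tok, "-s") is None:
                findings.append("accepts unsolicited traffic from any source: " + line)
    if policy != "DROP":
        findings.insert(0, "INPUT policy is %s, not DROP" % policy)
    if not replies:
        findings.append("no rule admits replies to outbound connections")
    return findings
```

Calling `audit_input` on the text produced by `iptables-save` returns an empty list when every ACCEPT rule is either reply-only, loopback, or restricted to a source address; on the constructed sample it reports the port 631 rule.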