Paul Sutton wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Samuel Toogood wrote: > >> ------- Original message ------- >> >>> From: Jon Reynolds <maill...@jcrdevelopments.com> >>> To: ubuntu-uk@lists.ubuntu.com >>> Sent: 24.10.'09, 10:50 >>> >>> Am I thinking about this wrong or is it true that using a live CD, one >>> can just boot into the live environment and then mount the host >>> computer's hard drive and browse its contents. Isn't that a really bad >>> security issue? >>> >>> Jon Reynolds >>> >>> >> No that's perfectly correct. It's one of the reasons Ubuntu offers home >> directory encryption. >> >> Sam >> >> > I think this has been said before once you have physical access to a > computer it is vulnerable, however if you disable boot from cdrom, as a > bios option, and probably from usb as well. Password protect the bios > then you do add some sort of security, > > It's possible to take the machine apart to reset the CMOS settings, or in some cases a BIOS password can be easily got round with a simple backdoor password (I vaguely remember AMI and Award BIOSes having such a feature). Worst one I found though was on a Dell Latititude D600 which I had to strip the machine down to the motherboard and find a chip and short two legs of the chip to reset the password. It was a bit worrying attacking it with a paperclip but it worked. > of course if its a server then you would probably want to remove the cd > drice anyway, (however that seems a little extreme), > > Depends, a lot of servers I've seen come with lockable covers. Not to mention, if it's a server why isn't it physically locked away with limited access? (although I've seen cases of the servers being easily accessed on full view, such as at one of the radio stations I used to support).
Rob -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
