On Sat, Jul 30, 2011 at 12:29:24AM +0900, 夜神　岩男 wrote:



> Coming originally from secret squirrel land, one of the cardinal 

> security rules for us was simply "If the attacker has physical access, 

> you don't have security".



I would say "... you have much less security".  No security is just

not true.  Doing all the things Dag said and using encrypted filesystems

provides a certain security level even when physical access.



> Physical acces to a system is where coded security gives way in absolute 

> terms to physical security measures. But again, that is if we're talking 

> about serious security environments and almost none of our use cases 

> probably represent that -- so we're left simply balancing usability vs 

> security like normal people.



The assumption "almost none of our use cases probablt represent that" is

a very bad starting point.  Probably the people that completely fucked

up GNOME (GNOME3 in Fedora 15 is almost unusable for most people I know)

had a similar thought when they destroyed the GNOME desktop.



-- 

--    Jos Vos <[log in to unmask]>

--    X/OS Experts in Open Systems BV   |   Phone: +31 20 6938364

--    Amsterdam, The Netherlands        |     Fax: +31 20 6948204