Date: Sat, 30 Jul 2011 05:17:03 +0900
On 07/30/2011 01:01 AM, Jos Vos wrote:
> On Sat, Jul 30, 2011 at 12:29:24AM +0900, 夜神 岩男 wrote:
>
>> Coming originally from secret squirrel land, one of the cardinal
>> security rules for us was simply "If the attacker has physical access,
>> you don't have security".
>
> I would say "... you have much less security". No security is just
> not true. Doing all the things Dag said and using encrypted filesystems
> provides a certain security level even when physical access.

If you have a compromise of any sort in a truly high security
environment -- the sort of environment where a minor sidechannel
information leak (this can even be things like consistent data on the
frequency of disk i/o) is cause to rip out millions of dollars of
deployed equipment, cancel a large operation, re-deploy a dispersed set
of operating units or move satellites around -- then you are
compromised. It's like the old saying about being "kind of pregnant" and
has everything to do with the level of paranoia required by that
environment.

I can't think of anywhere this is the case that is using SL 6, though I
could be wrong...

>> Physical access to a system is where coded security gives way in absolute
>> terms to physical security measures. But again, that is if we're talking
>> about serious security environments and almost none of our use cases
>> probably represent that -- so we're left simply balancing usability vs
>> security like normal people.
>
> The assumption "almost none of our use cases probably represent that" is
> a very bad starting point. Probably the people that completely fucked
> up GNOME (GNOME3 in Fedora 15 is almost unusable for most people I know)
> had a similar thought when they destroyed the GNOME desktop.

...and so I have to give you points for the above statement. I can't
know, and after reading some insane Gnome 3 dev list discussions not 5
minutes ago you are right to warn about such habits of thought.

-Iwao