Mime-Version: |
1.0 |
Sender: |
|
Date: |
Fri, 29 Jul 2011 18:01:32 +0200 |
Content-Disposition: |
inline |
Reply-To: |
|
Subject: |
|
From: |
|
Content-Transfer-Encoding: |
quoted-printable |
In-Reply-To: |
|
Content-Type: |
text/plain; charset=utf-8 |
Comments: |
|
Parts/Attachments: |
|
|
On Sat, Jul 30, 2011 at 12:29:24AM +0900, 夜神 岩男 wrote:
> Coming originally from secret squirrel land, one of the cardinal
> security rules for us was simply "If the attacker has physical access,
> you don't have security".
I would say "... you have much less security". No security is just
not true. Doing all the things Dag said and using encrypted filesystems
provides a certain security level even when physical access.
> Physical acces to a system is where coded security gives way in absolute
> terms to physical security measures. But again, that is if we're talking
> about serious security environments and almost none of our use cases
> probably represent that -- so we're left simply balancing usability vs
> security like normal people.
The assumption "almost none of our use cases probablt represent that" is
a very bad starting point. Probably the people that completely fucked
up GNOME (GNOME3 in Fedora 15 is almost unusable for most people I know)
had a similar thought when they destroyed the GNOME desktop.
--
-- Jos Vos <[log in to unmask]>
-- X/OS Experts in Open Systems BV | Phone: +31 20 6938364
-- Amsterdam, The Netherlands | Fax: +31 20 6948204
|
|
|