[Gllug] USB Securikey
Mike Brodbelt
mike at coruscant.demon.co.uk
Mon Jul 21 21:37:48 UTC 2003
On Mon, 2003-07-21 at 21:16, Tethys wrote:
> David Damerell writes:
>
> >>Of course, if you have physical access to the machine, you can always take
> >>the hard drive out and put it in a machine of your choice. At which point,
> >>the idea of encrypting the filesystem is about the only way to prevent your
> >>data being lost
> >
> >A resourceful attacker would install a keystroke logger on the
> >keyboard cable and hit the reset switch. You notice it's down and run
> >up and type in the passphrase.
>
> Keyboard? What are you blathering on about? This is a machine rackmounted
> in a hosting centre. Is has no monitor or keyboard. Just a serial port
> (the one true way). Of course, that's equally susceptible to having a
> serial tap inserted...
>
> Face it, if they've got physical access, you're screwed.
I read a story a while ago about some US university with a Novell server
which they had "lost". It was a functional machine, but no-one knew
where it was physically located. This was ignored for some time, until
they eventually needed to track it down as part of a network move. It
was discovered, bricked up in a disused storage area. Best answer to the
physical access problem :-). Set the machine up, then seal it up in it's
own little tomb. Course if it ever crashes you're screwed....
Mike.
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list