Date: Wed, 10 Oct 2001 14:32:48 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Adam Laurie <adam@algroup.co.uk> Cc: xskoba1@kremilek.gyrec.cz, security@FreeBSD.ORG, Ben Laurie <ben@algroup.co.uk> Subject: Re: "Rubbish" idea on security Message-ID: <19150.1002717168@critter.freebsd.dk> In-Reply-To: Your message of "Wed, 10 Oct 2001 13:24:31 BST." <3BC43DFF.C356A86A@algroup.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <3BC43DFF.C356A86A@algroup.co.uk>, Adam Laurie writes: >this would be quite easy with cfs >(http://www.freebsddiary.org/encrypted-fs.php) - you'd need an >unencrypted boot that got you up far enough to run (say) sshd, then log >in and unlock the main filesystem and finish the boot. however, if the >thief knows that it's protected in this way, all they need to do is >maintain the power until they can copy the files. it would of course >provide good protection against opportunist or ram-raid style theft >though. If you want to physically protect information, then study the PAL/SL/WL system on atomic warheads: http://www.google.com/search?q=permissive+action+link http://www.google.com/search?hl=en&q=warhead+weak+strong+link -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19150.1002717168>