From owner-freebsd-stable  Sat Jul 21 12:59:54 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from earth.backplane.com (earth-nat-cw.backplane.com [208.161.114.67])
	by hub.freebsd.org (Postfix) with ESMTP id 3D06A37B443
	for <freebsd-stable@FreeBSD.ORG>; Sat, 21 Jul 2001 12:59:45 -0700 (PDT)
	(envelope-from dillon@earth.backplane.com)
Received: (from dillon@localhost)
	by earth.backplane.com (8.11.4/8.11.2) id f6LJxhC05575;
	Sat, 21 Jul 2001 12:59:43 -0700 (PDT)
	(envelope-from dillon)
Date: Sat, 21 Jul 2001 12:59:43 -0700 (PDT)
From: Matt Dillon <dillon@earth.backplane.com>
Message-Id: <200107211959.f6LJxhC05575@earth.backplane.com>
To: Sung Nae Cho <sucho2@quasar.phys.vt.edu>
Cc: <freebsd-stable@FreeBSD.ORG>
Subject: Re: Is FreeBSD more secure than Windows NT or Windows 2000?
References:  <Pine.LNX.4.33.0107211527090.7405-100000@quasar.phys.vt.edu>
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG


:Hi,
:
:One thing that makes me uncomfortable with both Linux and FreeBSD is that
:unlike Windows NT, both UNIX clones seem to be less secure for a desktop
:use. ( ** Note clones doesn't mean it's any less better than UNIX, it just
:means, it's not officially considered UNIX by OPEN-GROUP ** )  I've used
:Windows NT 4.0 since '98, Linux since '99, FreeBSD since '00 and finally
:gone FreeBSD only on my laptop.  However, unlike, Windows NT 4.0, other
:people can get access to my confidential files!  How?  Well, they can just
:reinstall the FreeBSD without deleting my $HOME directory and as a root,
:they can access all my files!  This is a great concern when my laptop gets
:stolen!  Windows NT is very secure in that matter.  Simply reinstalling
:Windows NT will not let you read someone else's file.  Also, it won't let
:you reinstall Windows NT without verifying that you're the right
:administrator!  During the reinstall, it asks for your root passwd.  If
:the passwd doesn't match, it won't let you reinstall unless you're willing
:to reinstall from scratch (reformat or erase everything before going on to
:installation procedure).  Now I think that's being secure all the way.  Is
:there anyway I can do that with FreeBSD?  For example, attaching signature
:to all my files etc.
:
:Regards,
:Sung N. Cho,
:Saturday, July 21, 2001.

   Umm... well, you should realize something about computers:  If you have
   physical access to the computer, you can access everything on that computer
   whether or not the OS allows it.  There are only two ways to secure a 
   computer such that physical access does not compromise its files.
   (1) Encrypt the filesystems or (2) don't put anything critical on the
   computer in the first place.

   All someone needs to do to access your NT files is to put a bootable CD
   into your laptop and boot an OS that doesn't ask them for a password.
   Poof, they have access to your NT files.  Don't be fooled by UI-based
   security - it doesn't exist.

						-Matt


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message