Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 3 Jun 2009 16:45:42 +0200 (CEST)
From:      Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>
To:        cpghost <cpghost@cordula.ws>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Open_Source
Message-ID:  <alpine.BSF.2.00.0906031642010.52001@wojtek.tensor.gdynia.pl>
In-Reply-To: <20090603133343.GB1988@phenom.cordula.ws>
References:  <4d3f56c90906020812t40c5fcbv178bcd7f702356f@mail.gmail.com> <4ad871310906020843n3e7dc96ap28d5d622e844abf1@mail.gmail.com> <alpine.BSF.2.00.0906021757290.2065@wojtek.tensor.gdynia.pl> <20090603004914.73f40a60@gluon.draftnet> <alpine.BSF.2.00.0906030848330.49751@wojtek.tensor.gdynia.pl> <20090603091800.GA1177@phenom.cordula.ws> <alpine.BSF.2.00.0906031120260.50636@wojtek.tensor.gdynia.pl> <20090603102720.GB1349@phenom.cordula.ws> <alpine.BSF.2.00.0906031310420.51077@wojtek.tensor.gdynia.pl> <20090603133343.GB1988@phenom.cordula.ws>

next in thread | previous in thread | raw e-mail | index | archive | help
>> You mean Xorg can easily be hijack'ed that way?
>
> If you can connect to the X server, you can also attach any
> kind of monitoring software to it. Think vncserver and the like...

vncserver creater new X server. Can't monitor yours unless you have 
special module for X server installed and loaded (it is in ports)

>> Nothing forbids you to start 2 X servers and do console switching.
>
> That's what I do, and it's easy enough.

and works.

>> papers glued to monitor with passwords on them ;), or maybe a minute more
>> to look at different places.
>
> Oh yes indeed: THAT's always bee the more serious threat,
> security-wise.

so it's the first thing you should care about.
Humans are ALWAYS weakest point of any security system.

How many employees of your company ACTUALLY understand what are passwords 
for.

Really? Yes, probably most of them don't, just know that it's something 
you have to type in ;)

> And don't forget about TEMPEST-like kinds of attack: you can't
> imagine just how much information you give away on the electromagnetic
> spectrum, even if you don't use WLANs... information that can be picked

forget about it. it's too difficult compared to abuse of common human 
dumbness.

Kevin Mitnick book is really worth of reading. i read polish translation.

He NEVER cracked any system by using exploits. He just politely asked for 
a password.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.0906031642010.52001>