Date: Wed, 3 Jun 2009 16:45:42 +0200 (CEST) From: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> To: cpghost <cpghost@cordula.ws> Cc: freebsd-questions@freebsd.org Subject: Re: Open_Source Message-ID: <alpine.BSF.2.00.0906031642010.52001@wojtek.tensor.gdynia.pl> In-Reply-To: <20090603133343.GB1988@phenom.cordula.ws> References: <4d3f56c90906020812t40c5fcbv178bcd7f702356f@mail.gmail.com> <4ad871310906020843n3e7dc96ap28d5d622e844abf1@mail.gmail.com> <alpine.BSF.2.00.0906021757290.2065@wojtek.tensor.gdynia.pl> <20090603004914.73f40a60@gluon.draftnet> <alpine.BSF.2.00.0906030848330.49751@wojtek.tensor.gdynia.pl> <20090603091800.GA1177@phenom.cordula.ws> <alpine.BSF.2.00.0906031120260.50636@wojtek.tensor.gdynia.pl> <20090603102720.GB1349@phenom.cordula.ws> <alpine.BSF.2.00.0906031310420.51077@wojtek.tensor.gdynia.pl> <20090603133343.GB1988@phenom.cordula.ws>
next in thread | previous in thread | raw e-mail | index | archive | help
>> You mean Xorg can easily be hijack'ed that way? > > If you can connect to the X server, you can also attach any > kind of monitoring software to it. Think vncserver and the like... vncserver creater new X server. Can't monitor yours unless you have special module for X server installed and loaded (it is in ports) >> Nothing forbids you to start 2 X servers and do console switching. > > That's what I do, and it's easy enough. and works. >> papers glued to monitor with passwords on them ;), or maybe a minute more >> to look at different places. > > Oh yes indeed: THAT's always bee the more serious threat, > security-wise. so it's the first thing you should care about. Humans are ALWAYS weakest point of any security system. How many employees of your company ACTUALLY understand what are passwords for. Really? Yes, probably most of them don't, just know that it's something you have to type in ;) > And don't forget about TEMPEST-like kinds of attack: you can't > imagine just how much information you give away on the electromagnetic > spectrum, even if you don't use WLANs... information that can be picked forget about it. it's too difficult compared to abuse of common human dumbness. Kevin Mitnick book is really worth of reading. i read polish translation. He NEVER cracked any system by using exploits. He just politely asked for a password.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.0906031642010.52001>