From owner-freebsd-questions@FreeBSD.ORG Thu Nov 23 20:59:01 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 594B216A403 for ; Thu, 23 Nov 2006 20:59:01 +0000 (UTC) (envelope-from cptsalek@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.228]) by mx1.FreeBSD.org (Postfix) with ESMTP id E0FD343D49 for ; Thu, 23 Nov 2006 20:58:21 +0000 (GMT) (envelope-from cptsalek@gmail.com) Received: by wx-out-0506.google.com with SMTP id s18so620845wxc for ; Thu, 23 Nov 2006 12:58:58 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=RiIp/c4d2idaUAZRLrmD5ZmOhi9/Wu+DEJ9rEXKVFqifix3XpHNhgsnv4Xj1DCXxz4WGzCYD3OZQzfZdjQmPaLUbPyWjzxR53KBhscOXDzaUabY1eiOqdfH61EpFu6g6DChJC+xdkfWRdMxC99VJd/hVhGQcBY4YPFg1goKFiOw= Received: by 10.70.36.9 with SMTP id j9mr17397239wxj.1164315538128; Thu, 23 Nov 2006 12:58:58 -0800 (PST) Received: by 10.70.14.15 with HTTP; Thu, 23 Nov 2006 12:58:57 -0800 (PST) Message-ID: <14989d6e0611231258l2c432daawc0640f63485e71cf@mail.gmail.com> Date: Thu, 23 Nov 2006 21:58:57 +0100 From: "Christian Walther" To: "Garrett Cooper" In-Reply-To: <5DDF6D7C-4FF7-4857-B07E-4462F3C89F97@u.washington.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <200611230757.11410.GregoryC@stcinc.com> <5DDF6D7C-4FF7-4857-B07E-4462F3C89F97@u.washington.edu> Cc: freebsd-questions@freebsd.org Subject: Re: Password Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Nov 2006 20:59:01 -0000 > Being able to Kensington lock the machine so that it can't be opened > (thinking of Dells), you can prevent physical access to a large > degree (only have to worry about people that can screw up the lock), > and prevent people from taking the drive OR resetting the CMOS > jumper, giving people access to the BIOS without a password (one > thing that many people haven't mentioned about security so far). > -Garrett Sorry to disappoint you, but Kensington locks can easily be unlocked, using a toilet paper roll, pen, and tape. We tried this at work because my collegue protected his flat screen with it, but forgot his key at home on the day we moved to a new office. We needed a bit longer, thou... The video is wmv, but I didn't find a version in another format (but mplayer can play it): http://www.toool.nl/kensington623.wmv I wonder if the data on this machine is as sensitive as this thread suggests it... ;)