From owner-freebsd-questions@FreeBSD.ORG Fri Nov 24 12:11:46 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2009C16A4C9 for ; Fri, 24 Nov 2006 12:11:46 +0000 (UTC) (envelope-from list-freebsd-2004@morbius.sent.com) Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com [66.111.4.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 55DB943D79 for ; Fri, 24 Nov 2006 12:10:55 +0000 (GMT) (envelope-from list-freebsd-2004@morbius.sent.com) Received: from db2.internal (db2.internal [10.202.2.12]) by out1.messagingengine.com (Postfix) with ESMTP id 70CDF4718D for ; Fri, 24 Nov 2006 07:11:37 -0500 (EST) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by db2.internal (MEProxy); Fri, 24 Nov 2006 07:11:37 -0500 X-Sasl-enc: T8O21/wIT7PqctXzevOTjACFnWK6zzko+XdcRMBAP3LL 1164370297 Received: from gumby.localdomain (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mail.messagingengine.com (Postfix) with ESMTP id 23AD41207 for ; Fri, 24 Nov 2006 07:11:35 -0500 (EST) From: RW To: freebsd-questions@freebsd.org Date: Fri, 24 Nov 2006 12:11:29 +0000 User-Agent: KMail/1.9.4 References: <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <20061123082520.af5d4265.wmoran@collaborativefusion.com> <20061124163754.5a11ddef@localhost> In-Reply-To: <20061124163754.5a11ddef@localhost> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200611241211.31476.list-freebsd-2004@morbius.sent.com> Subject: Re: Password Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Nov 2006 12:11:46 -0000 On Friday 24 November 2006 05:37, Norberto Meijome wrote: > Precisely - MS makes a very strong (and valid) point of saying that once > 'the bad guys' have physical access to your box, the machine is owned. > > The was a (very cool) presentation in Ruxcon (ruxcon.org) this year about > hacking into someone's machine via Firewire. And even if it was an exploit, > neither the researcher/hacker nor MS would consider it "security issue", > because to use this FW attack you need physical access... ie, you've lost > the battle already, it's just a matter of picking your method of breaking > in. I think that's a bit complacent of MS, given that most instances of their OS don't run on servers. If a desktop machine has encrypted partitions, it is protected against someone stealing it and breaking in at their convenience. Reading data from a running machine, shouldn't be as convenient and inconspicuous as plugging-in a cable.