From owner-freebsd-hackers Tue Apr 23 3:31:50 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from swan.prod.itd.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123]) by hub.freebsd.org (Postfix) with ESMTP id 27F3537B417; Tue, 23 Apr 2002 03:31:47 -0700 (PDT) Received: from pool0061.cvx21-bradley.dialup.earthlink.net ([209.179.192.61] helo=mindspring.com) by swan.prod.itd.earthlink.net with esmtp (Exim 3.33 #2) id 16zxaH-0006H5-00; Tue, 23 Apr 2002 03:31:42 -0700 Message-ID: <3CC537F1.7F571CD2@mindspring.com> Date: Tue, 23 Apr 2002 03:31:13 -0700 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Greg 'groggy' Lehey Cc: Jordan Hubbard , Robert Watson , Oscar Bonilla , Anthony Schneider , Mike Meyer , hackers@FreeBSD.ORG Subject: Re: Security through obscurity? (was: ssh + compiled-in SKEY support considered harmful?) References: <11670.1019530386@winston.freebsd.org> <20020423131646.I6425@wantadilla.lemis.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Greg 'groggy' Lehey wrote: > I've been noticing a continuing trend for more and more "safe" > configurations the default. I spent half a day recently trying to > find why I could no longer open windows on my X display, only to > discover that somebody had turned off tcp connections by default. > > I have a problem with this, and as you imply, so will a lot of other > people. As a result of this sort of thing, people trying to migrate > from other systems will probably just give up. I certainly would > have. While it's a laudable aim to have a secure system, you have to > be able to use it too. I'd suggest that we do the following: I think we need to make an ACPI call in the loader to power off the machine before it becomes dangerously functional. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message