From owner-freebsd-hackers  Tue Apr 23  4:39:49 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from newsguy.com (smtp.newsguy.com [216.148.53.71])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3249B37B41A; Tue, 23 Apr 2002 04:39:43 -0700 (PDT)
Received: from newsguy.com (cbace203-181-81-164.dial.telebrasilia.net.br [200.181.81.164])
	by newsguy.com (8.9.1a/8.9.1) with ESMTP id EAA09301;
	Tue, 23 Apr 2002 04:39:38 -0700 (PDT)
Message-ID: <3CC547C7.C1A0DC6D@newsguy.com>
Date: Tue, 23 Apr 2002 08:38:47 -0300
From: "Daniel C. Sobral" <dcs@newsguy.com>
X-Mailer: Mozilla 4.79 [en] (Win98; U)
X-Accept-Language: en,pt-BR,pt,en-GB,en-US,ja
MIME-Version: 1.0
To: Terry Lambert <tlambert2@mindspring.com>
Cc: "Greg 'groggy' Lehey" <grog@FreeBSD.ORG>,
	Jordan Hubbard <jkh@winston.freebsd.org>,
	Robert Watson <rwatson@FreeBSD.ORG>,
	Oscar Bonilla <obonilla@galileo.edu>,
	Anthony Schneider <aschneid@mail.slc.edu>,
	Mike Meyer <mwm-dated-1019955884.8b118e@mired.org>,
	hackers@FreeBSD.ORG
Subject: Re: Security through obscurity? (was: ssh + compiled-in SKEY support 
 considered harmful?)
References: <rwatson@FreeBSD.ORG> <Pine.NEB.3.96L.1020422223923.64976i-100000@fledge.watson.org> <11670.1019530386@winston.freebsd.org> <20020423131646.I6425@wantadilla.lemis.com> <3CC537F1.7F571CD2@mindspring.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG



Terry Lambert wrote:
> 
> Greg 'groggy' Lehey wrote:
> > I've been noticing a continuing trend for more and more "safe"
> > configurations the default.  I spent half a day recently trying to
> > find why I could no longer open windows on my X display, only to
> > discover that somebody had turned off tcp connections by default.
> >
> > I have a problem with this, and as you imply, so will a lot of other
> > people.  As a result of this sort of thing, people trying to migrate
> > from other systems will probably just give up.  I certainly would
> > have.  While it's a laudable aim to have a secure system, you have to
> > be able to use it too.  I'd suggest that we do the following:
> 
> I think we need to make an ACPI call in the loader to power off
> the machine before it becomes dangerously functional.

I hear that. I'll put it on my list too.

-- 
Daniel C. Sobral			(8-DCS)
dcs@newsguy.com
dcs@freebsd.org
capo@international.bsdconspiracy.net

	"They did what they could to help her, using human skills -- and then,
when that failed, left it in the hands of the gods. In this case," he
bowed slightly, "myself. Like it or not," the demon continued, "that is
my status in this region. Take it up with my priests if it bothers you."

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message