|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] kon-boot: there goes the neighborhood
|
On Wed, May 20, 2009 at 3:32 PM, Greg Helledy <gregsonh@gra-inc.com> wrote:
[KSB] <...snip...>
>> If you don't have physical security, you don't have security.
>>
>> Paul
>
>
> I don't see why this is such a big deal from the security perspective.
> I can already use any Live CD to copy anything I like from (or anything
> I like onto) a system I have access to. I suppose the difference would
> be that this gets around the protection of encrypted partitions.
[KSB] That's why if you lose a laptop, and then find it later, you
shouldn't boot the on-disk OS, even if you have encrypted partitions.
Boot with a known-good live CD, recover the data from the encrypted
partitions, and then install a new OS.
I suppose if I were really paranoid, I'd put the drive on another
laptop and recover it there, in case the recovered laptop has a BIOS
virus or a manipulated disk controller. If I were really, really,
paranoid, even with the drive on another laptop, I suppose I could be
concerned that they might have used dd to replicate the contents to
another drive with doctored drive electronics. But then, I don't work
for the No Such Agency.
-- Bhaskar ("they're out to make me look paranoid")
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|