[EROS-Arch] Re: [E-Lang] Re: Interaction Design for End-User Security
Seth Arnold
sarnold@willamette.edu
Wed, 21 Mar 2001 18:30:58 -0800
* John C. Randolph <jcr@idiom.com> [010321 18:15]:
> On Wednesday, March 21, 2001, at 05:44 PM, Mark S. Miller wrote:
>
> > This leaves stock desktop machines in unlocked offices in an
> > untenable situation. Software by itself can do nothing to repair
> > the situation. This may be the strangest argument yet for
> > telecommuting -- separation of physical vulnerabilities.
>
> What about encrypted filesystems?
Fine. I'll slip a keyghost on your keyboard when you leave your machine.
At some point, you will have to type something to unlock that
filesystem. Depending on how the encrypting filesystem was implemented,
this ought to be sufficient. (Sure, something similar to OPIE or S/Key
could be in place to make that attack less useful, but at *some* point
that keyghost will come in handy. :)
For fun reading some day, take a look at FIPS 140. It may change how you
think about hardware.
For scary reading right about now, take a look at http://www.keyghost.com
This may also change how you think about hardware. :)
--
Earthlink: The #1 provider of unsolicited bulk email to the Internet.