Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: BIAS password and physical access

  • Subject: Re: BIAS password and physical access
  • From: Roy Schestowitz <newsgroups@schestowitz.com>
  • Date: Tue, 26 Jul 2005 17:11:03 +0100
  • Newsgroups: alt.os.linux.suse
  • Organization: schestowitz.com / Manchester University
  • References: <jn2hr2-j65.ln1@penne.houghi> <dc54ct$28ji$1@godfrey.mcc.ac.uk> <3kmq6fFv6skpU1@individual.net> <dc5i20$6kq$2@nntp.itservices.ubc.ca>
  • Reply-to: newsgroups@schestowitz.com
  • User-agent: KNode/0.7.2
Unruh wrote:

> cujo <fra@despammed.com> writes:
> 
>>Roy Schestowitz wrote:
> 
>>> They must have made it a possibility
> 
>>Having phisical access to a machine *A L W A Y S* gives you this
>>possibility.
> 
>>You can *ALWAYS* boot from a Live CD (doesn't HAVE to be Suse's cd at
>>all), mount the hd's root partition and edit /etc/shadow.
> 
> No, on some machines you can put in a bios password which prevents booting
> from anything but the hard drive without a password. Now, you can probably
> cancel that bios password by opening the case, but that is more difficult
> ( and can be prevented with suitable security cableing-- if nothing else
> put in a thermite bomb which fries everything in the insides if the case
> is opened without a suitable security entry.)
> 
> Ie, even physical access can be made more or less secure with work.
> 
> 
> 
>>Security is BASED on this, physical access = total control, no matter
>>what.

A secure case is probably one thing I had in mind. It requires expertise,
time and cannot be done remotely. What's more, if you lock it properly, you
can probably prevent access to the hardware.

If you happened to saw through the case, you would probably be capable of
exhuming the hard-drive and fetching the information that it contained.
This, however, requires equipment, expertise or a lot of money -- often a
recovery that is useful in juridical scenarios.

Roy

-- 
Roy S. Schestowitz
http://Schestowitz.com

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index