RE: CRIME Microsoft Windows XP question

From: Nate McAlmond (NateM@private)
Date: Thu Jan 02 2003 - 14:05:47 PST


    BIOS passwords and boot media are nothing you should count on. If you don't
    have physical security you don't have any security.
    Nate McAlmond
    
    -----Original Message-----
    From: rrwilso@private [mailto:rrwilso@private]
    Sent: Thursday, January 02, 2003 1:27 PM
    To: Crispin Cowan
    Cc: crime@private
    Subject: Re: CRIME Microsoft Windows XP question
    
    
    
    So take the removable media out of the boot sequence and set a BIOS
    password.
    
    
     
    
    Crispin Cowan <crispin@private>
    Sent by: owner-crime@private
    01/02/2003 01:17 PM

    To:      Shaun Savage <savages@private>
    cc:      crime@private
    Subject: Re: CRIME Microsoft Windows XP question

    Shaun Savage wrote:
    
    > Even though Linux is not totally secure, it is an order of magnitude
    > better than any MSwindows product.  By using SELinux, (which is free)
    > or WireX (which is good), a person can improve security where social
    > engineering is the only feasible way.
    
    While I appreciate the praise, neither Immunix nor SELinux provides
    security against physical access. The problem is below the operating
    system, in the BIOS: by default, the hardware/BIOS looks at removable
    media (floppy, CD, DVD) ahead of looking at the hard drive to boot from.
    To 0wn the machine, just insert a malicious disk and reboot.
    
    > Open Source Linux Rules
    
    Linux, security-enhanced or not, is subject to the same threat.
    
    To prevent this attack, while also offering physical access (i.e. in a
    public kiosk or a school lab) you have to physically block the removable
    media. For instance, you remove the CD and floppy drives from the
    machine, and then encase the whole box in a locked cabinet so the
    attacker can't install their own drives.
    
    Protecting a home PC from your kids is flat out impossible. If it still
    is important to have this protection, get a door lock.
    
    Crispin
    --
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX                      http://wirex.com/~crispin/
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
                    Just say ".Nyet"
    
    



    This archive was generated by hypermail 2b30 : Thu Jan 02 2003 - 18:46:30 PST