Find the answer to your Linux question:
Page 2 of 2 FirstFirst 1 2
Results 11 to 14 of 14
Something that everyone has ignored is the fact that if you have physical access to the PC you can always force a single user boot from the boot manager, and ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Linux Newbie sarlacii's Avatar
    Join Date
    May 2005
    Location
    South Africa
    Posts
    110

    Something that everyone has ignored is the fact that if you have physical access to the PC you can always force a single user boot from the boot manager, and then change the root password to whatever you want.

    So a good, complicated password is only vital, IMHO, if you have a PC that is not firewalled, and/or has ports open to the net at large.

    If you want to store data securely, then realying on your login is not a good idea at all... rather use a proper encryption option like gnupg or similar, or even better, Truecrypt (which creates and mounts encrypted partitions/files). Truecrypt encrypts data on the fly, and - depending on the algorithm that you select - can do so fast enough that you will not notice a drop in HDD access speed (I use two-fish which clocks at 59Mb/s on my somewhat outdated P4 3GHz (hyper-threading) and over 100Mb/s on my core2 duo laptop at work).
    Respectfully... Sarlac II
    ~~
    The moving clock K' appears to K to run slow by the factor (1-v^2/c^2)^(1/2).
    This is the phenomenon of time dilation.
    The faster you run, the younger you look, to everyone but yourself.

  2. #12
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,042
    Quote Originally Posted by Jonathan183 View Post
    I suspect quite a few home desktop users have a machine which is physically reasonably secure ... if someone breaks into my house the last thing I am worried about is security of PC data!
    I guess everyone so far has assumed this means the PC is physically secure ...

    Quote Originally Posted by sarlacii View Post
    Something that everyone has ignored is the fact that if you have physical access to the PC you can always force a single user boot from the boot manager, and then change the root password to whatever you want.

    So a good, complicated password is only vital, IMHO, if you have a PC that is not firewalled, and/or has ports open to the net at large.
    But in this instance if local login only is permitted how does a good password help?

    If you want to store data securely, then realying on your login is not a good idea at all... rather use a proper encryption option like gnupg or similar, or even better, Truecrypt (which creates and mounts encrypted partitions/files)
    Don't you just end up with another password? If you protect a partition then once you have it mounted doesn't that give access to all data anyway?
    I was thinking encryption only really slows down access to data when physical access is obtained ...

  3. #13
    Administrator jayd512's Avatar
    Join Date
    Feb 2008
    Location
    Kentucky
    Posts
    5,023
    Quote Originally Posted by fast1 View Post
    But the file you cannot safely secure especially windows OS.
    Beg pardon? What do you mean?
    Jay

    New users, read this first.
    New Member FAQ
    Registered Linux User #463940
    I do not respond to private messages asking for Linux help. Please keep it on the public boards.

  4. #14
    Linux Guru
    Join Date
    Nov 2007
    Location
    Córdoba (Spain)
    Posts
    1,513
    If you have physical access the only thing that can work is encryption as you say, and only if the attacker doesn't work in the NASA and doesn't have a cluster to break it. You don't even need to login or change the password, just take the HD and put it into an external case and you got access to everything. So if that's the case, the whole thread is moot.

    However, for the regular user:

    Quote Originally Posted by sarlacii View Post
    Something that everyone has ignored is the fact that if you have physical access to the PC you can always force a single user boot from the boot manager, and then change the root password to whatever you want.
    Grub can be protected with a md5 hashed password, so you will not be able to edit the kernel boot line. Hence, single user mode is discarded. Boot from cd can be disabled as well, and the bios can also be protected in an -usually- weak way. Again if you can open the case you can just rip off the battery and the password is gone.

    In general, passwords that you have to write yourself are never secure. And are just a minor annoyance, designed so you can go to the wc without your children screwing whatever you were doing. Provided enough time and physical access only encryption can help.

Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •