From: Glen Barber
To: cpghost
Cc: freebsd-questions@freebsd.org
Date: Wed, 3 Jun 2009 09:53:07 -0400
Subject: Re: Open_Source

On Wed, Jun 3, 2009 at 9:33 AM, cpghost wrote:
>> There are MUCH simpler methods. Just pay a few bucks to a charwoman to look at
>> papers glued to monitor with passwords on them ;), or maybe a minute more
>> to look at different places.
>
> Oh yes indeed: THAT's always been the more serious threat,
> security-wise.
>

A colleague of mine is a Windows administrator for a local company. I didn't think people actually did this until he told me a little "prank" he pulls on those who do: When he finds a Post-It on their monitor with a password (or something resembling a password), he will write a different "word" on the Post-It and replace it with what was there (the real password) to teach them a lesson...

> And don't forget about TEMPEST-like kinds of attack: you can't
> imagine just how much information you give away on the electromagnetic
> spectrum, even if you don't use WLANs... information that can be picked
> up a few hundred meters away or even more outside of your security
> perimeter and reconstructed.
>
> Talking about (justified?) paranoia: some 10 years ago, we had some
> routing equipment in a server room that was NOT in the basement (i.e.
> it had a window to the outside). Guess what? We had to put black
> electrician's tape on the switches' LEDs, because it turned out that
> those LEDs were blinking at the exact rate of the transmitted data,
> bit-for-bit, and that anyone with a telescope and an optical sensor
> could have picked that pattern up, and reconstructed the data stream.
>
> Scary, uh?

My colleagues never understood (nor do they to this day) my paranoia regarding security and untrusted code. I always point them in the same direction:

http://cm.bell-labs.com/who/ken/trust.html

-- 
Glen Barber
http://www.dev-urandom.com
http://www.linkedin.com/in/glenjbarber