Date: Thu, 12 Oct 2000 01:10:05 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: phk@critter.freebsd.dk (Poul-Henning Kamp) Cc: dillon@earth.backplane.com (Matt Dillon), mbendiks@eunet.no (Marius Bendiksen), arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <200010120110.SAA11557@usr09.primenet.com> In-Reply-To: <88823.971294422@critter> from "Poul-Henning Kamp" at Oct 11, 2000 10:00:22 PM
next in thread | previous in thread | raw e-mail | index | archive | help
> Matt, we can make things very secure by default by not starting any > network processes and no gettys. That way people are forced to boot > single user first time and configure their system. Poul, don't be ridiculous. We can get the same effect by marking / dirty and forcing them to manually fsck it before the OS will boot. A more elegant soloution would be to find out if the machine has APM 2.0 and an ATX power supply, and, if so, turn the power off; other than writing pattern data to the hard drive in an NSA approved method, to ensure against some usable data being left there and readable with an atomic force microscope because of seek hysteresis, you really can't get more secure than that. > While people like you seem to prefer such "perfect" solutions, others > recognize that they just *might* harm our market acceptance. There's always the anti-intrusion from the T.V. Ad in the first RoboCop movie, which shot out metal bands to ensure the intruder was going nowhere, and then electrocuted them. If your memory needs jogging, it was the 6000 SUX Ad, "Because BIG is Back In!". Fits real well with the SUV and jacked-up truck mania in Silicon Valley these days. We could call it "4.4 BSD SUX". Yeah, normally I'm not this ascerbic, but today was car repair day -- ALL day. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010120110.SAA11557>