[vox-tech] User with root privileges

Ryan vox-tech@lists.lugod.org
Mon, 24 Nov 2003 02:55:43 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 24 November 2003 02:22 am, Michael Wenk wenk-at-praxis.homedns.or=
g=20
|lugod| wrote:
> On Sunday 23 November 2003 01:20 am, Mark K. Kim wrote:
> > On Sun, 23 Nov 2003, Michael Wenk wrote:
> > > Ya know, there's one thing that always makes me laugh, and that's when
> > > a non professional gets all anal about their home system.  Get a grip,
> > > the absolute worst thing that can happen is you have to spend an hr or
> > > two reloading your system.   Its one thing to expend the level of
> > > effort to learn about something, another thing to just do it cuz you'=
re
> > > afraid of being hacked.

No, the worst thing that can happen is they can set up shop, and start usin=
g=20
your box to distribute spam and kiddie porn, getting you in a nice mess wit=
h=20
the feds, and getting you branded a pervert even if you DO get let off.

And do you ever log in to machines at work from home? What if someone=20
installs a password logger? They run wild your boxes at work too. Not good.

> > Well... I have large archives of files that date back to my junior high
> > school days... including homeworks, project files from various projects=
 I
> > undertook, all my diaries, and photos from many of my trips and my past
> > that's utterly priceless and irriplaceable once gone.  Those are more
> > important to me than any expensive tech gadgets or collectables in my
> > possession.  In such case I'm sure you understand how one administers t=
he
> > computer system can be important to certain people.
>
> Accept yes.  Understand no.  I don't understand why methodolgy is importa=
nt
> on a home system.  Yes, the stuff on there may be important to you, but w=
hy
> the hell would anyone else want to get it?  and if so, and if data and
> system security are that important, what about physical security?  If
> someone really wanted my data, they'd just break in, yank my box, and run=
.=20
> So you work yer ass off for something, and 9 chances out of ten, you're
> leaving yourself open to the lowest level of attack.  That I don't
> understand, and it makes me laugh.   Personally, I do the 10% that keeps
> out 75% of the people.  and when I did this for a living, I did the
> additionaly 80% that kept out 20% in addition to...

$ mount | grep /home
/dev/hda2 on /home type ext3 (rw,encrypted,loop=3D/dev/loop0,encryption=3DA=
ES128)

(my swap partition is encrypted as well, initialized at boot with a random=
=20
key)

Steal my box, spend the next few decades cracking the the encryption (or ge=
t=20
me to cough up the passphrase). I even keep encrypted backups at another=20
location.

- --=20
PGP/GPG Fingerprint: 3B30 C6BE B1C6 9526 7A90  34E7 11DF 44F3 7217 7BC7
On pgp.mit.edu, import with `gpg --keyserver pgp.mit.edu --recv-key 72177BC=
7`
Also available at http://www.cal.net/~ryan/ryan_at_mother_dot_com.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/weO3Ed9E83IXe8cRAia6AJ4lmV2gC/xTQHrjY2IGM6xVBS+/xgCgts3t
368OicFkW7+YgFSSjHuiDUI=3D
=3DXeBO
-----END PGP SIGNATURE-----