[ILUG] Hard Disk Protection in Live CD Boot Ups

[Steven Kavanagh]

On Tue, Jan 13, 2009 at 11:52 PM, Paul O'Malley - gnu's not unix - <
ompaul at eircom.net> wrote:

> Kuda Dube wrote:
>
>> Hi,
>>
>> It is possible to modify a harddisk-based Linux configuration during
>> Live CD bootup session, e.g., today when I lost sudoer entry for my
>> Ubuntu account, I used a live CD to re-instate it (... no clue how the
>> entry disappeared!). If I want to ensure that no one can change my
>> configuration files using live CDs, how can I do this? I know this
>> ability is useful but it is also dangerous.
>>
>> Regards
>> ---
>> Kuda
>>
>>  bios password, grub password and hard drive encryption, in some cases a
> key and locking arrangement to block access to the disk --- however ask
> yourself this
>
> what can you actually prevent if the attacker has physical access
>
> if an attacker has physical access they can disable the bios
> (or pay a company to do so if you paid enough money for the bios ;-))


Or erm, they could just reset the jumper on the motherboard and reset it.


>
>
> format your hard drive
>
> take one screwdriver to the machine, remove the offending parts and install
> new ones
>
> game over
>
> the real question is this:
>
> what are you trying to protect against, why, and what is the cost to
> benefit ratio?
>
> to put it another way
>
> disk encryption fails when you forget the password - not if
>
> one day you will get mixed up not a lot just a little and that is too much
>
> a secret is not a secret when three people know it


Here here!


>
>
>
>
>
> --
> Irish Linux Users' Group mailing list
> About this list : http://mail.linux.ie/mailman/listinfo/ilug
> Who we are : http://www.linux.ie/
> Where we are : http://www.linux.ie/map/
>