Posted 23 October 2016 - 06:09 PM
V.T. Eric Layton, on 23 October 2016 - 03:29 PM, said:
All systems are vulnerable when the physical device is exposed to unwanted fingers. I can break into and steal data from any of your Windows or Linux systems with nothing more than a portable USB linux OS and a bit of space on it to save your data once I access it and steal it. Porteus mounts all partitions on a system as root by default when started from a USB. Your only protection would be if your files were encrypted. Even then, I could still get in and lock them down with my own encryption and then ransom them. Or I could just delete them.
I understand this flaw in the kernel we're talking about here is something that should never have been allowed and overlooked for so long, but I don't think it's anything near as dangerous as most of the FUD going around portends.
Happy computing! Oh, and watch out for those Internet of Things. They're going to come around and bite you in the ascii someday; just ask Dyn about that.
Heartily agree and second. I don't consider any security issue that involves physical access as critical. If people who should not already have access to the physical machine that is the critical flaw, anything after that is "closing the barn doors after ..."
However, if the flaw only requires a remote login , then yeah FUD it all out.
Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive. It would be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end for they do so with the approval of their own conscience. ~C. S. Lewis