Re: [tlug] bootable linux with sshd

["Fergal Daly" <fergal@example.com>]

On 03/01/07, Curt Sampson <cjs@example.com> wrote:
> On Wed, 3 Jan 2007, Fergal Daly wrote:
>
> > Someone with access to my hardware could key-sniff my ssh passphrase
> > and sudo password.
>
> Not necessarially. Sniffing that stuff would require a different sort of
> access, a different level of expertise, and possibly different equipment
> from what's necessary merely to copy a file from the disk.

Unless you audit your computer regularly, someone could slip a rootkit
on in about the time it takes to reboot your computer. Unless you have
encrypted disks etc.

> > I am not defending myself against this attack.
>
> That's not really relevant. The question is: what attacks are you
> defending against, is a defense that requires access to one of your
> computers holding the private key going to put a significant barrier in
> the way of at least some of your potential attackers, and what will it
> cost you to implement this defense?

I'm defending myself against random gits on the net portscanning. If
there ever comes a day when someone is desperately trying to hijack
_my_ Japanese TV box (while booted into the emergency recovery distro
that I hope never to use) enough to come to ireland to physically
steal my keys then I think I'm going to have to reevaluate my whole
life.

> That last bit is the key, really; what I'm saying here is that it looks
> to me as if it's so cheap that it's well worth doing, and you're saying
> that it's expensive enough that it's not worth it.

If someone else wants to take my instructions and make it differently
secure then they can, I'm under time pressure so it's extra work and
testing that I don't want to do. You are not going to convince me that
the threat you describe is one _I_ (or many people) should be worried
about,

F