[10607] in cryptography@c2.net mail archive
Re: crypto question
daemon@ATHENA.MIT.EDU (Jim Choate)
Sat Mar 23 15:36:09 2002
Date: Thu, 21 Mar 2002 23:28:54 -0600 (CST)
From: Jim Choate <ravage@ssz.com>
To: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: mkb@black-ice.org, Pat Farrell <pfarrell@pfarrell.com>,
"McMeikan, Andrew" <McMeikanA@logica.com>,
cryptography@wasabisystems.com
In-Reply-To: <v04210106b8c02b3ed25c@[192.168.0.2]>
Message-ID: <Pine.LNX.3.96.1020321232641.25394E-100000@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
As someone who spent 5 years doing all the physical security for a major
university I can say that ALL physical systems can be broken. No
exception. The three laws of thermodynamics apply to security systems as
well.
There is ALWAYS a hole.
On Thu, 21 Mar 2002, Arnold G. Reinhold wrote:
> It's not clear to me what having the human present accomplishes.
> While the power was out, the node computer could have been tampered
> with, e.g. a key logger attached.
> Who said you were allowed to lose power and stay secure? Laptops are
> pretty cheap and come with multi-hour batteries. There should be
> enough physical security around the node to prevent someone from
> "tripping" power.
>
> One approach might be to surround a remote node with enough sensors
> so that it can detect an unauthorized attempt to physically approach
> it.
--
____________________________________________________________________
There is less in this than meets the eye.
Tellulah Bankhead
ravage@ssz.com www.ssz.com
jchoate@open-forge.org www.open-forge.org
--------------------------------------------------------------------
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
