l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2002 Jun 26 09:43

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[no subject]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]



If a document was created on a "trusted system" with something like 
PGP/GnuPG/whatever and then transported to the other system, then you have
better security, than composing on the remote system with either of the
above  when you cannot trust the admin on the remote system.

There is another rule that does apply to remote sessions on untrusted
machine (but does not apply *everywhere*) "Physcial access if complete
access" If you can see it on the remote machine, they (the rmeote
server admin) can too. (For example, ttysnoop can watch terminal sessions
even if ssh is used.)

Even people who carry around PDAs and store data in encrypted format often
do not have "secure" storage. Many have been "hacked" as a plain-text copy
of the key to lock/unlock the data can be left stored in a section of
memory. (Physical access rules!)

Even if you trust the present admin, *when* the machine is rooted, can you
trust the would-be computer crinimal/cracker? All it takes is a weak
service and/or an explot or a local shell user with some experience and
some setuid apps that have holes.. or... ]:>

I welcome counter examples to secure items composed on a server where the
admin of said server cannot be trusted.

-ME

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++ 
L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ !PGP
t@-(++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z?
------END GEEK CODE BLOCK------
decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html

On Tue, 25 Jun 2002, andy wergedal wrote:
> from the local system admin.
> 
> --- ME <dugan@passwall.com> wrote:
> > Secure from what? Secure from whom?
> > 
> > On Tue, 25 Jun 2002, andy wergedal wrote:
> > > How would you create a secure diary on your local
> > machine
> > > or on a server?
> > > 
> > > I thought about a free shell account and using ssh.
> > > 
> > > your thoughts...
> > > 
> > > -- Andy
> > > 
> > > =====
> > > 
> > > 
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Yahoo! - Official partner of 2002 FIFA World Cup
> > > http://fifaworldcup.yahoo.com
> > > _______________________________________________
> > > vox mailing list
> > > vox@lists.lugod.org
> > > http://lists.lugod.org/mailman/listinfo/vox
> > > 
> > 
> > _______________________________________________
> > vox mailing list
> > vox@lists.lugod.org
> > http://lists.lugod.org/mailman/listinfo/vox
> 
> 
> =====
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> _______________________________________________
> vox mailing list
> vox@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox
> 

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.