3rd November 2010
jggimi

Quote:
Originally Posted by BSDfan666
.. all bets are off if they break into your premises and steal your machine.

This deserves a reply, in regards to administrative decisions affecting "security".

Some typical examples of ignorance of implication driving poor decision making (beyond the NFSv4 one I cited above):
  • A backup of an encrypted partition stored in unencrypted form at a 3rd party service provider.
  • Unencrypted backups of a critical (and privacy-required) application being taken home by an admin as the sole "offsite" service.
  • A portable computer containing an encrypted partition, lost or stolen while in a suspended state, rather than powered down.
  • Both public and private key-pair halves made publicly readable, or transmitted in-the-clear (such as by E-mail) to users to enable them to log on to some secure application.
  • A web of certificate trust so complicated, users of a secure service just give up and approve any certificate blindly. (Web browsers and X509 / SSL certs, anyone?)
The list is unending; these just come immediately to mind.