[Tfug] Static/Dynamic (IP,name) bindings
Robert Hunter
hunter at tfug.org
Thu Sep 13 21:48:39 MST 2012
On Fri, Sep 14, 2012 at 6:08 AM, Bexley Hall <bexley401 at yahoo.com> wrote:
> And, it still isn't a guaranteed fix. E.g., plug the device in
> question directly into that laptop (or, use a dual-NIC laptop
> as a bridge) and the fancy switch doesn't help you at all!
> Once the code is loaded, remove the laptop and sneak back out
> of the house "innocently".
I thought you were just setting up something for yourself. Now I see
that you are thinking in terms of a consumer product. Furthermore,
you are describing a kind of worst-case scenario, where a non-techie
user is beset by high-tech bad guys, who could rappel in from the
roof, wearing night vision goggles, and satellite-fed wrist computers.
Well, that simplifies things tremendously: in that scenario, there is
no such thing as a "secure system". :)
> Yes. But, again, that assumes the consumer is aware of this
> risk, understands it and is willing to invest the time and
> money to make those changes. "Why can't I keep things the
> way they are?"
I don't know -- that's a marketing issue. :P
> How many folks *actively* worry about their internet exposure?
> Or, information leaks from their cell phones? etc.
Probably not many -- and for those that do, probably not enough. In a
previous thread, someone mentioned Ken Thompson's "Trusting Trust"
essay. It's a must-read for anyone concerned with computer security.
http://cm.bell-labs.com/who/ken/trust.html
After reading Thompson's article, you may start thinking of "security"
in relative terms. Linus Torvalds said that he has three firewalls
between his development machine and the Internet. I wonder if he has
verified his tool chain. And what about the firmware and microcode of
his computers? And what about the high-tech rappelling bad guys? :)
http://lwn.net/Articles/464530/ (see section titled "Security")
http://www.youtube.com/watch?feature=player_embedded&v=k-oVuQpjG3s
http://www.nj.com/news/index.ssf/2010/03/acrobatic_thieves_hit_nj_best.html
--
RH
More information about the tfug
mailing list