Salut, On Thu, 6 Mar 2008 11:01:45 +0100 (CET), bzhbfzj3001@xxxxxxxxxxxxxx wrote: > Actually they can be prevented by instructing the controller to > filter the adresses the devices send. Then again, that's work, and > physical attacks are typically considered low-risk, so I guess it's > not found worth it. There is a quite viable technical solution in the form of a patch which solves most of these problems. Also, I heavily disagree that physical security is of no importance. Nowadays, there are ways to achieve quite good physical security using disk encryption and mechanisms which lock the encrypted parts of the disk on demand (e.g. when closing the lid of a notebook). Now, all of these mechanisms can be circumvented by plugging an evil device which looks like an iPod, smells like an iPod but fetches your keys from memory. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33 Güterstrasse 86 Fax:+41 61 383 14 67 4053 Basel Web:www.sygroup.ch tonnerre.lombard@xxxxxxxxxx
Attachment:
signature.asc
Description: PGP signature