Re: Failover root devices

From: Austin S Hemmelgarn
Date: Fri Sep 18 2015 - 11:36:28 EST


On 2015-09-18 11:04, Ortwin Glück wrote:
>> If you have physical access then the machine is yours to do with as
>> you please.
>
> Thinking of ATMs or voting machines that is a bold statement :-)
Many voting machines already have known ACE exploits (I distinctly remember a while back some CS students demonstrated a 'modern' voting machine playing Pac-Man without modifying any of the hardware at all), and those that have network access or other accessible peripheral connections are inherently insecure, period.

And most ATMs (at least in the US) run Windows (_shivers_) XP or eComStation (the current commercial version of OS/2 (yes, it still lives on)), neither of which is particularly secure even when it comes to remote access to the system, and even then, the kind of access you need would involve directly tampering with the system.

Irrespective of that, neither one should be configured to work like that. The intent is for custom setups primarily; if some company decides to use this in an insecure way, that's their problem, not ours (it's really easy to use a wide number of kernel features in ways that compromise security; that doesn't mean we should just rip those out).

> Thinking of mobile phones it depends on your jurisdiction.
This isn't a legal ruling, it's a simple statement of fact: if someone has physical access to a system, they effectively have root access, period. While this is probably not what the above comment was directly referring to, it is an established fact.

