root "login" xterm to increase security?
Steve Kinney
admin at pilobilus.net
Thu Sep 20 09:11:15 PDT 2018
0On 09/16/2018 11:15 PM, grarpamp wrote:
> Any search will bring basic stuff like
>
> https://insecure.org/sploits/xsecurekeyboard_fequent_query.html
> https://www.techrepublic.com/blog/linux-and-open-source/three-features-you-may-not-know-xterm-has/
> http://tutorials.section6.net/home/basics-of-securing-x11
> https://www.reddit.com/r/openbsd/comments/83adcn/does_openbsd_x11_not_have_security_problems/
>
> Whether xorg, wayland, xenocara, drivers, ttys, init, login, getty,
> etc are receiving any level of scrutiny, audits, fuzzing, code
> scans, etc. The ancient and obscure it is, the less people look,
> and all the above are exactly that.
> Even mashing kbd on a FreeBSD can throw console into
> unrecoverable must kill state.
> And people talk how trust X?
I take it as self evident that physical access can defeat any computer
security strategy. One can limit what a naive and/or unprepared party
can do with/to a computer they get their grubby fingers on, but a
competent and properly equipped adversary - not so much.
If the machine is off when the hostile party arrives, at least the data
on an encrypted hard drive is safe. Until the next time an authorized
user switches the machine on and mounts the file system, under the
watchful eye of a hardware keylogger or flashed BIOS.
:o)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20180920/f30b650b/attachment.sig>
More information about the cypherpunks
mailing list