recovery from stupid error
Judd Pickell
pickell at gmail.com
Fri Jul 15 01:49:51 CDT 2005
Ugh, every time people talk about security all they can think in is absolutes.
So let's tackle these in order, shall we?
"Going with your analogy we might as well forget about putting locks on
our cars and doors since everyone has physical access to our property."
<sarcasm>
Q: So, how does a burglar steal again?
A: Bypassing the locks...
</sarcasm>
Taking your analogy of your car, let's examine that with the situation
that is being discussed here. For a person who has never broken into a
car (i.e. a Linux newbie), they wouldn't know what to do when they
encountered the lock and would move on. But you get someone with a bit
of experience (i.e. a Linux user or power user) and voila, they slim-jim
your lock and crack your ignition and steal your car. So, experience
is the key to defeating your security.
So again, I will reiterate: a new Linux user (inexperienced) will never
know what to do if they did see a root login, thus the issue is
null and void. You have to have some pretty standard knowledge of how
the command prompt works to be dangerous here.
So to clarify, hopefully for the last time: if this distribution is
for new Linux users, then this is not a security issue. Period. Give
them a bit of experience and sure, eventually they will learn what
they can do, and in that case it could be a problem. 1/2 dozen
of one, 3/4 of another, as I am fond of saying. (Don't worry, it isn't
supposed to make sense.)
I have had my car stolen, and I have learned the hard lesson of the
reality of just locks on the door. I spent several hundred dollars
fixing my car after they had gone joyriding in it. So, do I lock my
car doors? Nope. I would rather they didn't break my windows only to
find out that they couldn't take my car. I now use a brake lock.
Basically a big steel bar that prevents them from changing gears in
the transmission, so no matter how hard they try to steal it, they
can't. Period. If you don't want someone stealing your data, encrypt
your entire drive. No matter whether they can get root access or not,
without the passcode they can't affect your system. Period.
The best they could do to my car is to tow it and part it out (as the
bar is bulletproof and the locksmiths say they can't touch it, and
without a really good diamond-edge saw blade and a day to waste you aren't
getting the brake lock off). Which would be the same situation with a
totally encrypted drive. They could still steal your entire computer,
but all they can do is part it out.
Okay, next point:
"If someone stumbles across my computer at work
when I'm out of the office for a few minutes, they might not have
knoppix in their pocket but all they have to do is poweroff ->
recovery mode."
Where do I begin with this? I don't know where it says that Ubuntu is
meant for your work environment. If you are, or feel that there is a
concern with what people do to your system when you are not at it,
then you won't be running a default, standard install of any OS. I
mean come on, that is Business IT 101. I work in a research
environment at the University of Arizona; we have tons of extra tools
in place on people's computers to prevent them from doing things to the
system that they shouldn't, if they aren't allowed to.
And also, if you are in a work environment and are not storing
sensitive work files on a source outside your computer, again you are
just asking for trouble. I could go into a long dissertation here
about how business-level systems should be set up, but let's cut to the
chase. Your computer itself should be able to be fubar'd and restored
without losing anything important to your job outside of the time it
takes to get you back up and running.
But point blank -> You won't, or shouldn't, be running vanilla Ubuntu
on a work system, or any version of Linux on a work system. If you
are, consider this discussion your warning. Protect your system.
But again, would a person who has never seen Linux reboot your
computer, access root, and know what to do? format c: obviously
won't work in this case.
Skaller is right about having root have a password. It needs to be
there. I have not argued that there shouldn't be passwords. I just
have a problem with the assumption that putting passwords on something
makes it secure.
But also I would like to point out that in Skaller's example he
mentioned giving a friend access. If he has, the chances of that
friend doing something to the computer he shouldn't are probably very
low anyways. Accidents happen; they can't be prevented. But let's be
serious here, how often is your friend who doesn't know what they are
doing going to poke around the security console? If they are
skilled enough to understand how to get to the recovery option, they
are most likely skilled enough to avoid creating the problems a
password is intended to prevent.
But again, his example is still general. This discussion is supposed to
be in regards to one specific issue: the ability to access root from
the recovery option. Getting to it requires physical access to the
box, to be able to see GRUB going through its countdown. If they
have that much access, you have already opened the car door and given
them the keys. And they know much more than the average Joe when it
comes to your system. So if they ran into a password access issue, it
would be simple for them to circumvent. When it is so simple to
circumvent, why worry about it?
Wouldn't this discussion be better applied if we discussed how to
prevent someone from accessing data off your computer? What would it
matter if they managed to find a way to get root access if you had
encrypted the folders that stored your data, and only you knew the
passkey to access it? Would that not make for a better concern than
how to prevent them from accessing root?
I have dealt with users for many years, as I am sure many of you have
as well, if not at work, then with family members, etc. I have
given up on the belief that I can prevent them from having all power
on my systems; instead I try to find the ways to prevent them from
hurting my systems if they do reach that power. You will find life is
much easier as a user and admin when you know that no matter what
happens they can't hurt your system because you have already planned
for the situation.
Bleh, now another very long email, sorry guys... I just have strong
opinions... :)
Sincerely,
Judd Pickell
More information about the ubuntu-devel mailing list