Re: OpenBSD business model

From: Peter Galbavy <peter.galbavy(at)knowtion.net>
Date: Fri Feb 28 2003 - 12:34:59 EST

> To give a trivial example or two, boot a *nix box from bsd.rd, mount a
drive
> - you can access anything on it. Anyone with a root password can access
properties).

Just to pick up on this point, there are two *fundemental* factors at work here;

1. Physical access; unless the hardware is proprietary enough to have physical attack protection, if you have physical access to a machine, you

win. Booting off encrypted filesystems is possible (I dunno if anyone has 'free' FS support out there, but it is impractical for most purposes: (a) if you can get to a secure console when you boot a machine to type in keys/passphrases, then you are near enough in reality to protect the machine anyway, (b) hardware breaks, software breaks more often... now admin it.

• All free OS projects are focused on providing alternatives on 'standard' harwdare. See the issues with simply getting details of this so-called off-the-shelf hardware anyway and you can imagine the scale of problem trying to build on even more specifically 'secret' hardware.

I know a bit about partitioned systems, multi-level security and the like; but they really mean very little in this context. ACLs are a touch better than the current simplistic model, but with the imprefections in these systems overall (including NT based systems) there always has to be a 'god' level user who can reset permissions and access anything. Other assumptions are just glue.

Encrypt files that you want to protect using user level tools, use IPsec, use those few features that are available to you on your hardware, but give up trying to change the world the way you imply...

Peter Received on Fri Feb 28 12:39:42 2003