Re: [9fans] how to lock cpu console

[Corey <corey@bitworthy.net>]

On Wednesday 01 September 2010 12:52:40 erik quanstrom wrote:
> > Also, a logical fallacy:  Since X could sometimes be used to thwart Y,
> > then Y is useless in all cases.
> 
> i think the correct statement of the thinking (or
> at least my thinking) is
> 
> 	we want to assert X, but
> 	since Y defeats X, we require !Y to assert X.
> 
> in something closer to english, the assertion is that
> if one requires a secure server, you've got to have physical
> security.  since there are too many easy ways to circumvent
> most known security measures given physical access.
> 
> i don't think this assertion has anything to say about
> console locking, just that it doesn't solve the stated problem—
> execepting, of course, if the data on non-volatile storage is
> is encrypted and the key is lost on reboot.
> 

Well, security isn't a binary state; it exists within a spectrum:
it's prudent and logical to utilize all means possible - and especially 
to cover the low hanging fruit.

It could be said that a locked door is security theatre - because all
it takes is a lockpick or crowbar to circumvent. Or that a helmet
is useless, because it doesn't prevent death from blood-loss or
shock sustained from other injuries.

Console passwords are an effective and relevant _auxiliary_precaution_ ,
to be utilized in addition to the other available methods at one's 
disposal - and they're such a no-brainer... it seems like more of 
a questionably useful symbolic gesture to not include such a
simple mechanism right out of the box as standard ops.

BUT... that's all for me with regards to this debate - I don't want
to get into it again.  (c8=   I know better than to argue on 9fans. <grin>


Cheers!

Corey