From mboxrd@z Thu Jan 1 00:00:00 1970 From: Dave Eckhardt Subject: Re: [9fans] First-timer help To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <4877.1121962343.1@piper.nectar.cs.cmu.edu> Date: Thu, 21 Jul 2005 12:12:24 -0400 Message-ID: <4878.1121962344@piper.nectar.cs.cmu.edu> Topicbox-Message-UUID: 6d4309b8-ead0-11e9-9d60-3106f5b1d025 >> also if you are certain you've rebooted (eg, little reset button >> or perhaps power cycle) there's much less chance that preceding >> person using the same terminal has left something lurking > Yah, now you're just trusting the bios, the local disk (if any) > and the network. Much more secure ;-) If you can't trust the BIOS, you can't trust *anything* about the machine. There are business-card-sized CD-R's, so if you do trust the BIOS you can have a read-only bootable system in your wallet at all times. If you use the disk only for a "cfs -r", you don't need to trust its contents. What's the nature of the interaction between factotum and the auth server? If somebody who owns the network can interpose themselves between you and the auth server, can they end up with your password, or at least authenticate once as you? Dave Eckhardt