<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>I have two computers sitting side-by-side on my desktop. The
Windows 7 computer, which has all my important stuff, has no
physical connection to the Internet so it is immune to hacking. A
side benefit is that it still boots up and runs just as fast as
the day I bought it.</p>
<p><br>
</p>
<p>The other computer, that connects to the Internet, runs Ubuntu
Linux. The only physical connection between the two computers is
the KVM switch. I use "sneakernet" (USB thumb drive) if I need to
download something from the Internet to the Windows computer.</p>
<p><br>
</p>
<p>The Linux computer is actually dual-boot with Windows XP in case
I need to run some Windows software that absolutely requires an
Internet connection.<br>
</p>
<p><br>
</p>
<p>Alan Bloom</p>
<p><br>
</p>
<br>
<div class="moz-cite-prefix">On 05/09/2017 09:45 AM, Kevin Ablett
wrote:<br>
</div>
<blockquote
cite="mid:1803223219.7057159.1494348325036@mail.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff;
font-family:Helvetica Neue, Helvetica, Arial, Lucida Grande,
sans-serif;font-size:13px">
<div id="yui_3_16_0_ym19_1_1494347123655_8043" dir="ltr"><span
id="yui_3_16_0_ym19_1_1494347123655_8166">i am running
Windows 7 on my development computer. I have no password
and no virus protection. I have never had a problem. How
do I get away with this? It is not connected to anything. </span></div>
<div class="qtdSeparateBR"><br>
<br>
</div>
<div class="yahoo_quoted" style="display: block;">
<div style="font-family: Helvetica Neue, Helvetica, Arial,
Lucida Grande, sans-serif; font-size: 13px;">
<div style="font-family: HelveticaNeue, Helvetica Neue,
Helvetica, Arial, Lucida Grande, sans-serif; font-size:
16px;">
<div dir="ltr"><font size="2" face="Arial"> On Tuesday,
May 9, 2017 9:26 AM, Rick Moen
<a class="moz-txt-link-rfc2396E" href="mailto:rick@linuxmafia.com"><rick@linuxmafia.com></a> wrote:<br>
</font></div>
<br>
<br>
<div class="y_msg_container">Quoting Allan Cecil (<a
moz-do-not-send="true" shape="rect"
ymailto="mailto:allan@nblug.org"
href="mailto:allan@nblug.org">allan@nblug.org</a>):<br
clear="none">
<br clear="none">
> My brute force concern was one of "my laptop was
stolen". Now, I have<br clear="none">
> an encrypted home partition but not an encrypted
disk (on one of my<br clear="none">
> laptops, anyway) and thus /etc/password and
/etc/shadow are in theory<br clear="none">
> accessible if the volume is mounted which would in
theory allow an<br clear="none">
> offline dictionary attack.<br clear="none">
<br clear="none">
Even a system with encrypted disk suffers credible
threat models if<br clear="none">
stolen while powered up. The major spook agencies have
efficient means<br clear="none">
to attack running systems, which I won't go into further
here, but you<br clear="none">
can find descriptions in the usual places (Schneier's
blog and<br clear="none">
Crypto-Gram, etc.) And, over time, techniques pioneered
by the spooks<br clear="none">
trickle down to lower-rent attackers, too.<br
clear="none">
<br clear="none">
One interesting hypothetical is: I'm about to visit a
country known to<br clear="none">
be nosy about travelers' laptop computer. (Pick your
favourite bad boy.) <br clear="none">
What measures should I take to ensure that I don't have
various types of<br clear="none">
problems (of which several can be named)? EFF has
published some guides<br clear="none">
giving advice about this problem.<br clear="none">
<br clear="none">
<br clear="none">
> Even the low attack rate of SSH passwords is too
high for me so I've<br clear="none">
> disabled password-based login entirely.<br
clear="none">
<br clear="none">
As the saying goes, choose your own level of paranoia.
;-> I've seen<br clear="none">
so many cases of stolen public keys that I have my
doubts about this<br clear="none">
avoidance having advantages that outweigh the drawbacks.<br
clear="none">
<br clear="none">
> Not as a matter of security by obscurity but more
because I have<br clear="none">
> multiple hosts on one IP address I also use a
non-default SSH port<br clear="none">
> which substantially reduces attacks. <br
clear="none">
<br clear="none">
You call those attacks. I call them doorknob-twisting.
(But see<br clear="none">
traditional saying.)
<div class="yqt1602148408" id="yqtfd88555"><br
clear="none">
_______________________________________________<br
clear="none">
talk mailing list<br clear="none">
<a moz-do-not-send="true" shape="rect"
ymailto="mailto:talk@nblug.org"
href="mailto:talk@nblug.org">talk@nblug.org</a><br
clear="none">
<a moz-do-not-send="true" shape="rect"
href="http://nblug.org/cgi-bin/mailman/listinfo/talk"
target="_blank">http://nblug.org/cgi-bin/mailman/listinfo/talk</a><br
clear="none">
</div>
<br>
<br>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
talk mailing list
<a class="moz-txt-link-abbreviated" href="mailto:talk@nblug.org">talk@nblug.org</a>
<a class="moz-txt-link-freetext" href="http://nblug.org/cgi-bin/mailman/listinfo/talk">http://nblug.org/cgi-bin/mailman/listinfo/talk</a>
</pre>
</blockquote>
<br>
</body>
</html>