Re: Failover root devices

[Austin S Hemmelgarn]

On 2015-09-18 11:04, Ortwin GlÃck wrote:
> > If you have physical access then the machine is yours to do with as
> > you please.
>
> Thinking of ATMs or voting machines that is a bold statement :-)
Many voting machines already have known ACE exploits already (I 
distinctly remember a while back some CS students demonstrated a 
'modern' voting machine playing PAC-Man without modifying any of the 
hardware at all), and those that have network access or other accessible 
peripheral connections are inherently insecure, period.

And most ATM's (at least in the US) run Windows (_shivers_) XP or 
eCommStation (the current commercial version of OS/2 (yes it still lives 
on), neither of which is particularly secure even when it comes to 
remote access to the system, and even then, the kind of access you need 
would involve3 directly tampering with the system.

Irrespective of that, neither one should be configured to work like 
that.  The intent is for custom setups primarily, if some company 
decides to use this in an insecure way, that's their problem, not ours 
(it's really easy to use a wide number of kernel features in ways that 
compromise security, that doesn't mean we should just rip those out).
> Thinking of mobile phones it depends on your jurisdiction.
This isn't a legal ruling, it's a simple statement of fact, if someone 
has physical access to a system, they effectively have root access, 
period.  While this is not probably what the above comment was directly 
referring to, it is an established fact.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature