| > "...your stance "this isn't a backdoor because it requires physical access; if you've given up physical access you're already screwed" is beyond disingenuous. " Ok, I'm open to the possibility that my views might be dated on this. But, to be fair: 1) the 'physical access' rule was an absolute given in training that I've taken. (I'll let you draw your own conclusions since that the training was hosted by Microsoft). I guess I've had it drilled into my head for so long that I didn't even think the assertion would be controversial here. 2)Schneier commented on here (https://www.schneier.com/blog/archives/2009/10/evil_maid_att...) stating: "As soon as you give up physical control of your computer, all bets are off." Granted, Schneier's comment was in 2009, and it's possible that expectations on security have changed since then, but 3) this stackexchange question (http://security.stackexchange.com/questions/19334/what-can-a...) is a bit more recent. Some quotes: "Physical security is a critical (arguably the most critical) part of IT Security. At the end of the day, almost anything can be overridden with local access to the hardware." "If a "hacker" with any real experience or skill has physical access to a PC, I would just throw away the hard drive and start fresh." 4) even some other comments in this thread (https://news.ycombinator.com/item?id=12264137) don't paint my notion as disingenuous as you might. Again, I'm not a security expert, but do you think I could be forgiven for making such an assertion? |
> Again, I'm not a security expert, but do you think I could be forgiven for making such an assertion?
Yeah, I forgive you.