Hacker News new | ask | show | jobs
by talmand 4700 days ago
If we're only talking about exploiting a device across a network, sure turn it off or disconnect it from the network. But there's more to security than that.

One can always take the device and turn it on for oneself.

If one can't exploit the device, one can resort to rubber-hose cryptanalysis.
1 comments
Dylan16807 4700 days ago
We are only talking about exploiting a device across a network.
link
TeMPOraL 4700 days ago
Then bridge the gap by infecting pendrives. That's how e.g. Stuxnet worked.
link
Dylan16807 4700 days ago
I don't understand what you're replying to. Physical access is a great way to bypass network security, but it has nothing to do with websites.
link
TeMPOraL 4700 days ago
"Exploiting device across network".

Security doesn't exist in isolation. AKA. there's always a way.

link
Dylan16807 4700 days ago
If you assume a specific target, there is always a way to get to them.

If you're talking about making a browser secure against internet-based attacks, there is not always a way. This type of security is merely extremely, overwhelmingly difficult.

link