Questions tagged [physical-access]

The best security measures can be rendered useless if you don't physically protect your systems. An intruder can steal a computer, server, or smartphone, then crack the password at his leisure. (Source: "Physical access". Wikipedia. Citing: Michael Meyers. ISBN 978-0-07-225345-0. McGraw-Hill Education.)

129 questions
155 votes, 23 answers

Hardening Linux desktop machine against people from my household

I am looking to make a clean install of a Debian system on my home desktop. To clarify, I am switching from Windows and wish to use it as my day-to-day home OS - I'm not going to be running any servers or anything like that. I also have reason to…
Boris
  • 1,410
  • 2
  • 9
  • 11
114 votes, 6 answers

Roles to play when tailgating into a residential building

Following people into a large RFID protected residential building is ridiculously easy, as not everyone knows everyone else. Just the other day I was let in with a rifle (an airgun, but how could they have known). But standing helplessly in front of…
Vorac
  • 1,817
  • 3
  • 20
  • 27
107 votes, 19 answers

Defence methods against tailgating

This is a follow-up question to this one: "Roles to play when tailgating into a residential building". How do you protect yourself or your company against tailgaters? What is the best answer when you are asked by, let's say the delivery guy, to let…
Lithilion
  • 1,669
  • 2
  • 7
  • 16
95 votes, 3 answers

What is the purpose of the rotating plate in front of the lock?

I am now in Poland and see these everywhere: The plate can rotate freely; when you insert the key, matching the groove, you rotate the key so it is aligned with the lock and then insert the key. What is the purpose of this?
Thomas
  • 831
  • 1
  • 6
  • 6
93 votes, 8 answers

Can secret GET requests be brute forced?

Say, I have on my server a page or folder which I want to be secret. example.com/fdsafdsafdsfdsfdsafdrewrew.html or example.com/fdsafdsafdsfdsfdsafdrewrewaa34532543432/admin/index.html If the secret part of the path is quite long, can I assume…
Kargari
  • 911
  • 1
  • 6
  • 5
91 votes, 17 answers

Why do we still use keys to start cars? Why not passwords?

Around a year ago I asked a question about the weakest factor of authentication. I had some good answers that convinced me, as I always imagined the authentication process in my head as some employee in a high security facility trying to…
Ulkoma
  • 8,793
  • 16
  • 65
  • 95
90 votes, 15 answers

How to store passwords written on a physical notebook?

Answers to the question "How safe are password managers like LastPass?" suggest that storing personal passwords on a physical notebook might be a reasonable option: I know someone who won't use Password Safe and instead has a physical notebook…
tmh
  • 1,139
  • 1
  • 9
  • 10
89 votes, 9 answers

Secure USB cable for charging in untrusted environments

On a long haul flight, I imagine that charging a phone (in flight mode) with the inbuilt USB port on the head rest would be a security risk. Could I mitigate that risk by taking a regular USB cable and cutting the data (but not the power) cables? Or…
DarcyThomas
  • 1,298
  • 1
  • 10
  • 15
80 votes, 8 answers

How is 'Removing RAM' a security risk?

Today I was watching a video on 'Ethical Hacking' where, while discussing hardware attacks, the narrator said: "Removing RAM or components from a desktop or a laptop". Here's a screenshot: I understand that removing stuff like storage drives is a…
undo
  • 2,075
  • 2
  • 12
  • 18
67 votes, 5 answers

Why is iPhone's internal storage so hard to crack/decrypt?

I’ve heard about a rule in Information Security, that once a hacker has access to your physical machine, then it’s all over. However, there seems to be a big exception to this rule: iPhones. It was all over the news a while back that the CIA (or the…
Melkor
  • 1,285
  • 2
  • 10
  • 12
56 votes, 10 answers

Does the saying "physical access = game over" apply to smartphones, too?

I was surprised to read in the responses to this popular question that it's considered nigh impossible to secure a computer system if intruders have physical access. Does this apply to smartphones as well? Let's suppose I have done the most I can…
Max
  • 705
  • 1
  • 4
  • 7
54 votes, 8 answers

I'm an IT consultant. Should I discourage a client from telling me his password?

I'm an IT consultant. One client has known me for a few years. He wants me to do some work on his kids' laptop again. I'll need to log into his kids' Windows user account. (I'm guessing that multiple kids share one account.) This time, he wants to…
48 votes, 7 answers

How to securely, physically destroy a hard drive at home?

Hard drive in question has sensitive unencrypted data but has failed and no longer responds so can't be wiped. I'd like to physically destroy the said hard drive (3-1/2" desktop, spinning platter drive) before discarding it. What "home remedies" are…
DeepSpace101
  • 2,143
  • 3
  • 22
  • 35
42 votes, 9 answers

Is physical security less important with disks on a server being encrypted?

If you could get physical access to a server, you could change the root/admin password even if you did not know the current password. However with encrypted disks, I don't think this is possible (or is it?). So, does this mean physically…
user93353
  • 1,982
  • 3
  • 19
  • 33
41 votes, 9 answers

What are the potential risks of leaving a device in public, but locked?

Let's say you're in a public café, or conference, where you trust your device won't be stolen if you go to the bathroom for 5 minutes, but you don't trust it might not be tampered with. What are the potential security risks I might run into here,…
Zee
  • 529
  • 1
  • 4
  • 7