[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Security Thoughts

To: list@xxxxxxxxxxxx
Subject: Re: [LUG] Security Thoughts
From: Tom via list <list@xxxxxxxxxxxxx>
Date: Thu, 30 Mar 2017 11:41:17 +0100
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dclug.org.uk; s=1475831162; h=Sender:Content-Type:Content-Transfer-Encoding:Reply-To:From:List-Subscribe:List-Help:List-Post:List-Unsubscribe:List-Id:Subject:In-Reply-To:MIME-Version:Date:Message-ID:References:To; bh=8HY5l21kQ+DNniRyrMGO+4wn/oAyQ+vHPnp4xdd7GqE=; b=CF+4vYdiPOeHxhjsWgkiz4rVTMI2cCaBANKrv7eoXHuYbVSQX9cb2EJOt1tyL42KBVUm7hZF1/qlsfvoibp3kjlVktEvi/xoexU+8ERWa1Fc05KFNxnGbN+PgbcT/jcoOMuDvq4fV2kI4ZfdFW+jOEhDRZKBGFIuvCh5O9MCXa4=;
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=ketu19Y8qf4JiZwrtThcnmxiVx316vywsxD9RJ5b8mU=; b=TAnlwFBMirzq4s6ph8B8bZXdEHqeuPSmf47gHCOSmSJ167GZYbDoq124BnCWCdyeqO fogXi3bQ5LuxA5OfWbF6T7UYI7/Py9TugDaLjVbgVhOwqU+JPo6j1WOXBBpjdvA3xp8n OYffLeDkzL0dAiv2ddN2CxV6b6XndiV/IofwN++5T0///7/4wHC8IvHdpR4p9ga7XP8d aIAreD/cCFwtBa6Pi2Y1+U+2lHOBmJCdVGubq0ecmRYqG/m6iAp6RZmDmVXDMzf27IKt fbmHG1Lfi5gbNFaNQOzA7mCu5JtdUWP5gvmEgLRQmGgqxxGGqTbXPObBGIWs7zXhHeVl HJSQ==

On 30/03/17 09:29, Paul Sutton via list wrote:


On 30/03/17 09:09, Martin Gautier via list wrote:


On 30/03/17 08:50, Neil via list wrote:

With all that is happening about surveillance and back doors in
programs etcetera, recently I am getting more and more concerned
about security.

I, my wife and daughter all use Linux. We are each the only user on
our own machines. When we log on the password we use is also the one
to use with sudo to become root. (We all use Xubuntu.) This has long
seemed to me to be a weakness in our security.

So I am wondering, wouldn't it be safer to have a separate root
password, different from the log on one? Then if someone, for
whatever reason, gets to know our log on password, they would not
also have our sudo password.

So, is that a good idea? Is is easy to do? Is it even possible? Any
thoughts/comments from anyone on the list?

Just wondering,

Neil

If someone has your password and direct access to your PC it's pretty
much game over as far as security is concerned.

Paul has already articulated my suggestions but you might want to add
home directory encryption into the mix - that way your data is
protected if your PC is taken but the password is not known.

Good point there,   it is another layer especially if you have a potable
device.

Wow! Drinkable computers!
Tom te tom te tom hic

--
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Follow-up: Re: [LUG] Security Thoughts
- From: Neil via list

References:
- [LUG] Security Thoughts
  - From: Neil via list
- Re: [LUG] Security Thoughts
  - From: Martin Gautier via list
- Re: [LUG] Security Thoughts
  - From: Paul Sutton via list

Prev by Date: Re: [LUG] Security Thoughts
Next by Date: Re: [LUG] Security Thoughts
Previous by thread: Re: [LUG] Security Thoughts
Next by thread: Re: [LUG] Security Thoughts
Index(es):
- Date
- Thread