From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from pony.its.uwo.ca([129.100.2.63]) (2298 bytes) by braille.uwo.ca via smail with P:esmtp/D:aliases/T:pipe (sender: ) id for ; Wed, 14 Feb 2001 21:55:06 -0500 (EST) (Smail-3.2.0.102 1998-Aug-2 #2 built 1999-Sep-5) Received: from ignatious (c716099-a.rchdsn1.tx.home.com [24.7.105.70]) by pony.its.uwo.ca (8.10.0/8.10.0) with ESMTP id f1F2t8F25566 for ; Wed, 14 Feb 2001 21:55:08 -0500 (EST) Received: from cpt.kirk (helo=localhost) by ignatious with local-esmtp (Exim 3.12 #1 (Debian)) id 14TEpO-0002rl-00 for ; Wed, 14 Feb 2001 21:11:30 -0600 Date: Wed, 14 Feb 2001 21:11:30 -0600 (CST) From: Kirk Wood X-Sender: cpt.kirk@ignatious To: speakup@braille.uwo.ca Subject: re: /proc/speakup In-Reply-To: <200102150214.SAA10901@viper.wapvi.bc.ca> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII List-Id: On Wed, 14 Feb 2001, Tyler Spivey wrote: > /proc/speakup was a bad idea. because: > 1. if a hacker gained root, you couldn't turn off the net or something without speech. (if > someone shut it off) If someone hacks your box, you had best just shut the machine off, or remove it from the network with the cable. Anything else is asking for things to get worse. But let me give some more detail here: 1) If they compromise your system how do you know when you have regained complete control? The wise thing to do is to completely re-install the OS saving only the home directory. 2) As Bill pointed out haow many will even go for this? Hello?? Unless they are on the list they will need to go find out how to do all these evil nasty things. If this is a problem you need to replace your "friends." 3) Perhaps if this is a serious threat the fact they can shut down the volume is not good it is great. At least you will know someone is messing arround. Chances are if it is a real hacker and you notice the first indication is that you can't log in. 4) Someone messing with your speakup is showing they know something about the product. Evan as vast a user base as speakup has, this is a limiting factor. Spend your energy lowering your chances of being hacked. Learn more about ipchains and other security tools. ======= Kirk Wood Cpt.Kirk@1tree.net Nothing is hard if you know the answer or are used to doing it.