| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 2771.1 | easy to do | SAUTER::SAUTER | John Sauter | Thu Jul 27 1989 19:15 | 3 |
| You could certainly modify the startup command file to require a
password.
John Sauter
|
| 2771.2 | Startup Passwords not very secure | AGNESI::EKLOF | Waltzing with Bears | Thu Jul 27 1989 19:52 | 4 |
| Of course, CTRL-D would get around it pretty easily.
Mark
|
| 2771.3 | Buy a padlock | TLE::RMEYERS | Randy Meyers | Thu Jul 27 1989 20:42 | 8 |
| Re: .0
Whatever you do, I doubt that you could keep anyone but the biggest
neophyte out of your machine. Something as simple as turning off the
machine and booting with a different boot disk would defeat you.
The military has a policy that the best computer security is a locked
door (with all access to the machine on the other side).
|
| 2771.4 | Here's a "solution" | FRAMBO::BALZER | Christian Balzer DTN:785-1029 | Fri Jul 28 1989 07:00 | 13 |
| Re: .2, .3
You could by the "insert another boot disk" trick by setting the
boot priority of your HD above the floppy...
And while you're at it, attach a nice little password routine to
your FastFileSystem stored within the RigidDiskBlock structure at
the start of your HD. The password could be stored in the same
structure.
But Randy is perfectly right, the best and most secure way to keep
someone to fondle your system :-) is to restrict access to it.
<CB>
|
| 2771.5 | Ooops | FRAMBO::BALZER | Christian Balzer DTN:785-1029 | Fri Jul 28 1989 07:19 | 11 |
| Re: .5
I obviously had to many beers last night, my English starts breaking
apart again. :-)
It should have been "could <get> by" and "someone <from fondling>
your system".
Oh well, such is life...
<CB>
|
| 2771.6 | What ? | WJG::GUINEAU | | Fri Jul 28 1989 11:26 | 8 |
| Ok, <cb>:
1. Change boot priority?
2. RigidDiskBlock
Is this "hardblocks" stuff???
John
|
| 2771.7 | There ya go... | FRAMBO::BALZER | Christian Balzer DTN:785-1029 | Fri Jul 28 1989 12:34 | 14 |
| Re: .6
Yup, this is "hardblocks" stuff. The terminology is somewhat uncertain
in this area, but several CBM fellas refered to it as "RigidDiskBlock"
stuff. It's defined in "hardblocks.(h/i)".
You can do such thingies as changing the boot priority with HD
controllers that fully support the RigidDiskBlock protocol, like
the HardFrame, A590, A2091 (not yet released) and hopefully the
newest versions of the Supra and GVP software.
Did that enlighten you? :-)
<CB>
|
| 2771.8 | | UFP::LARUE | Jeff LaRue - MAA Senior Network Consultant | Fri Jul 28 1989 13:59 | 10 |
| This month's issue of Amigo Times (v1.6) has a piece of
PD software that will password protect a running system
and lock out the keyboard and screen until the correct
password is given.
...of course re-booting with a different disk still defeats it!
I think the source to the program is also included.
-Jeff
|
| 2771.9 | DH0: to avoid a different boot? | GIAMEM::I_SHAW | I hate LJ252-Amiga problems. | Fri Jul 28 1989 14:33 | 11 |
| > This month's issue of Amigo Times (v1.6) has a piece of
> PD software that will password protect a running system
> and lock out the keyboard and screen until the correct
> password is given.
> ...of course re-booting with a different disk still defeats it!
But, if you autoboot from the DH0: then there's no way around it,
right?
--mikie--
|
| 2771.10 | How about this ??? | EEMELI::LINDEN | | Fri Jul 28 1989 14:43 | 15 |
| Here's one protection idea.
Use the Kickstart ROM and make an duplicate to EPROM then put
the extra code also in to the EPROM (the password check) and when you
start up your machine it checks for the password ...
I can't say that this is easy but I think it could be done... In Germany
they are selling Kicstart ROM v1.2 and v1.3 wich include copy programs in
the EPROM ...
This could be experimented on the A1000's Kickstart Disk but that
ain't fool proof because you can change the Kickstart Disk.
-Kari
|
| 2771.11 | AutoBoot alone won't do... | FROCKY::BALZER | Christian Balzer DTN:785-1029 | Fri Jul 28 1989 15:37 | 11 |
| Re: .9
Nah, won't work, since the first thing an autobooting DH0: would
do is to execute the startup-sequence, which could be interrupted
by control-D.
.10 would work, but my approach is much more flexible, although
not suitable for everyone... ;-)
<CB>
|
| 2771.12 | Ideas..Ideas..Ideas.. | EEMELI::LINDEN | | Fri Jul 28 1989 15:47 | 13 |
| Re: .11
But if you have that an Autobooting HD and you use those boottracks,
could the booting be overrided by bootdisk in DF0: ?!?!
So that could eliminate the HD based password protection, but if it's
in the ROM and you modify the Kickstart then it could not be eliminate,
unless you change the ROM(ie. EPROM) having the Kickstart and the
password code.
This would be far more secure way to protect the computer.
-Kari
|
| 2771.13 | Not if you don't want to. | FRAMBO::BALZER | Christian Balzer DTN:785-1029 | Fri Jul 28 1989 16:10 | 7 |
| re: .12
NAAAAAHHH, read the whole topic, you can set the "right" HD controllers
to have a boot priority higher than the floppy.
So no booting of a disk...
<CB>
|
| 2771.14 | | EEMELI::LINDEN | | Fri Jul 28 1989 16:36 | 8 |
| re: .13
Sorry, my miss!
But then you should have Autobooting HD's and Kickstart v1.3 or higher
to use that kind of system otherwise it doesn't work at all.
-Kari
|
| 2771.15 | what are you trying to protect? | SAUTER::SAUTER | John Sauter | Fri Jul 28 1989 16:40 | 16 |
| The protection strategy has to depend on what you are trying to
protect. If I have unsupervised physical access to your machine,
I can take it home, remove your HD and attach it to my system, and
learn anything I wish about your data. To defeat this form of attack
you would need to either prevent unsupervised physical access (as has
been suggested earlier) or arrange the disk drive to self-destruct if
it is removed.
On the other hand, if you want to prevent me from using your computer
to do my data processing, even a self-destructing HD isn't
sufficient---you must arrange to self-destruct the whole machine.
If you are trying to prevent a denial-of-service attack, then the
self-destruct isn't good enough either, and the only remedy is to
prevent unsupervised physical access.
John Sauter
|
| 2771.16 | Simple protection, low security | GIAMEM::I_SHAW | I hate LJ252-Amiga problems. | Fri Jul 28 1989 17:22 | 7 |
| I was just looking for an easy way to keep non-Amiga proficient
people away. The actual situation is: I'm going to be in a dorm this year
and I want to protect some of my stuff from being looked at. I suppose I'd
like to know how to get around Ctrl-D anyway, because someone might figure that
out.
--mikie--
|
| 2771.17 | | ELWOOD::PETERS | | Fri Jul 28 1989 18:00 | 10 |
|
I suggest a keylock power switch. There are many companies that
can sell you a replacement power switch that requires a key. All
DEC equipment comes with these switches ( DEC's all use the same
key, but this can be changed ).
Steve
|
| 2771.18 | Dorm? think about this... | SMAUG::SPODARYK | Scaring the pedestrians... | Fri Jul 28 1989 20:56 | 7 |
| re: * (has this been mentioned?)
How about one of those locking computer centers. That would also
prevent crumbs, beers, etc from finding their way into your system.
Also, watch out for people using your 3 1/2" disks as coasters.
Steve - I'm not kidding :^)
|
| 2771.19 | Maybe in 1.4???? :-) | FRAMBO::BALZER | Christian Balzer DTN:785-1029 | Mon Jul 31 1989 08:50 | 11 |
| Re: .14
Yup, that would be the neccessary parts.
But keep in mind that this scheme will allow you to change you password
at your own will and does not include surgery in the ever tighter
spaces in ROM.
I guess I'll ask Steve Beats to provide me with a hook for such
a thingie in the next FFS release.
<CB>
|