Hi all, p> BTW, cryptography is not the 100% perfectly final solution. It is a p> fairly good protection, in some cases, but nothing more. If someone can p> access your laptop during 10 minutes, he can boot on a floopy and put a p> rootkit with a keylogger and your encryption is dead... Good point! The chain is only as strong as the weakest link..... Can all processes be observed in Linux, or is a rootkit invisible as a process? Is a keylogger invisible as a process? If Linux is not capable of natively showing all running processes, are there pgms available which are capable of this? p> If someone can access your laptop during 10 minutes, he can boot on p> a floopy and put a rootkit with a keylogger and your encryption is p> dead... I have heard that physical possession of a Linux computer allows anyone to take over as root, etc. It seems to me that this is a huge security hole. Can I assume that this is still true in every distro? Is no one concerned about this problem? Is this an inherent weakness of Linux that can not be corrected? Even if it is not a question of rootkit installation, but only a sick joke of changing root and user passwords for "fun", the inconvenience could be enormous, even catastrophic, especially if you are on a trip and don't have a disk in your pocket. Best regards, Earl - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
