Quote:
Originally Posted by hawhill
But there are much, much bigger security flaws to fix first (thinking of my K3 running everything and the kitchen sink as root, probably just because system integrators were lazy).
|
The real flaws are PEBKAC related, and software security does not matter if you have physical access, even for a brief moment:
http://hakshop.myshopify.com/products/usb-rubber-ducky
When you plug a "USB Rubber Ducky" into a USB port on a "victim" computer, the computer OS thinks it is a new "USB keyboard", so even without permission, it just starts "typing stuff" for you...