[OLPC Security] olpc security - wetware issues

[alien]

Sure. Reviewing logs doesn't prevent attacks-- but it can tell you
when someone else has been using your computer without your
knowledge. It needn't be required, but it should be trivial for
interested users to discover and peruse system logs, and it might be
nice to include system maintenence guidance for children who are
interested.

As you suggested, keeping a history of when shared files are accessed
might be handy, too.


Ka-Ping Yee writes:
>On Thu, 8 Feb 2007, alien wrote:
>> >I couldn't disagree more. That normal users would ever have to know what
>> >logs are, let alone check them frequently, is nothing but a gross
>> >failing of our field, and a failing that Bitfrost is partially trying to
>> >remedy.
>>
>> Don't you want to know when someone has been in your house? You can't
>> rely on machines to take care of everything, especially when the
>> machine may be compromised. Occasional log review is the safety net,
>> the opportunity for a human to notice that he or she may have been
>> burglarized, or that something else is not functioning proprerly.
>
>I doubt that log review is a good thing to require of users.  Any
>system that is capable of logging the fact that an attack occurred
>is capable of preventing the attack in the first place.
>
>I'm not against providing history and feedback in the context of a task
>(e.g. if the user has voluntarily shared a file, the ability to see
>when it has been accessed is useful) -- but i don't think it should be
>relied upon in order to prevent attack.
>
>
>-- ?!ng
>_______________________________________________
>Security mailing list
>Security at laptop.org
>http://mailman.laptop.org/mailman/listinfo/security