IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [physical-access]

The best security measures can be rendered useless if you don't physically protect your systems. An intruder can steal a computer, server, or smartphone, then crack the password at his leisure. (Source: "Physical access". Wikipedia. Citing: Michael Meyers. ISBN 978-0-07-225345-0. McGraw-Hill Education.)

The best security measures can be rendered useless if you don't physically protect your systems. An intruder can steal a computer, server, or smartphone, then crack the password at his leisure. (Source: "Physical access". Wikipedia. Citing: Michael Meyers. ISBN 978-0-07-225345-0. McGraw-Hill Education.)

142 questions
90
votes
17 answers

Why do we still use keys to start cars? why not passwords?

Around a year ago I have asked a question about the weakest factor of authentication. I have had some good answers that convinced me as I always imagined the authentication process in my head as some employee in a high security facility trying to…
Ulkoma
  • 8,773
  • 17
  • 68
  • 96
40
votes
3 answers

How to safeguard physical keys stored in a fire dept. lockbox?

The workplace has a physical access key stored in a fire department lockbox (sometimes called a Knox Box), how it's possible to mitigate the risk that the Knox Box gets picked, or that an unauthorized key may exist? What could the local fire…
jth
  • 726
  • 6
  • 10
31
votes
5 answers

What's the down side of a dynamic numbered radial keypad?

Every time I visit a clinic, office or train station I notice how easy it is to figure out the PIN required to unlock the staff-only door by just watching an employee entering the restricted area. I usually don't have to do anything, not even trying…
Ulkoma
  • 8,773
  • 17
  • 68
  • 96
6
votes
3 answers

Protecting server from physical access?

How do you protect your server at the datacenter from physical access by unauthorized personal? Considering protection against malware (keylogger and trojans) and having data- and OS integrity? Is it even possible?
user3200534
  • 881
  • 10
  • 22
4
votes
1 answer

Should employees confront people without access cards?

At my place of employment we have recently been discussing our access card policy. We have different access cards for guests and employees, and anyone not wearing an access card is assumed to be an enemy combatant. What we are struggling with is…
user1049697
  • 1,147
  • 2
  • 10
  • 15
2
votes
1 answer

Recommendations for tamper resistance without reasonable access security

I have an off-the-shelf PC with a database on it (CouchDB). The database contains sensitive data. I'm taking this machine to a community with poor/zero data connectivity, where the database will accessible through their LAN. At some frequency, the…
Kenn
  • 131
  • 4
2
votes
0 answers

About physical access of notebook computer

Background: I’m a mobile app developer, and I’m using my notebook (a MacBook Air) for writing apps. For some reasons I have to put my notebook at a location that is not completely secure (i.e. I can’t fully trust those who have physical access to…
tonychow0929
  • 2,257
  • 3
  • 14
  • 14
2
votes
2 answers

Is it possible to protect a key from an attacker with physical access?

So a colleague and I are having an argument about physical access. We have two devices A and B where A contains a function f(x) whose implementation we want to keep secret. We want to allow users to connect to A from B, input x and read out f(x).…
lirime
  • 21
  • 1
1
vote
2 answers

How to find entry points to physical systems

I read an article on wired about a whole transit system getting hacked. The intruder disabled ticket machines and displayed messages on the station displays. I was wondering how an attacker finds an entry point if he doesn`t know the IP of the…
Tim
  • 41
  • 3
0
votes
1 answer

How to check if someone used my desktop or any other device

What can I do to check a potential "evil maid attack"?
Kour Koumpinos
  • 11
0
votes
1 answer

How can I properly physically secure my devices from border inspection?

I am travelling soon, and my country has passed tyrannical laws that allow them to demand passcodes to devices, and I believe that they are increasingly beginning to violate privacy rights. I would like to protect my privacy. Currently I use iPhone…
user280375
  • 3
  • 1