undefined | Better HN

0 pointsEpicEng8y ago0 comments

>In which case all bets are off anyways

How are all bets off if they don't have access to a root user? This isn't Windows we're talking about.

0 comments

If they have access to the account that is being used normally, they can modify the (user-accessible) settings to trick the user into running malicious code and giving them access (or causing trouble even without access to the root account).

mholt8y ago

If you lose physical control over the machine, all bets are off because an attacker can modify the hardware to do nefarious things.

apetresc8y ago

I know the theory, but practically there's a huge difference between that type of physical access and "the victim left the room to go to the bathroom for 2 minutes" type of physical access

EpicEngOP8y ago

ok, sure, but in practice that is pretty unlikely.

j / k navigate · click thread line to collapse