home *** CD-ROM | disk | FTP | other *** search
- From: arnet@hpcupt1.cup.hp.com (Arne Thormodsen)
- Date: Fri, 21 Aug 1992 21:09:15 GMT
- Subject: Re: HP 9000/370, no root password!
- Message-ID: <67870148@hpcupt1.cup.hp.com>
- Organization: Hewlett Packard, Cupertino
- Path: sparky!uunet!cs.utexas.edu!sdd.hp.com!hpscdc!cupnews0.cup.hp.com!hppad.waterloo.hp.com!hppad!hpfcso!hpcuhb!hpda!hpcupt1!arnet
- Newsgroups: comp.sys.hp
- References: <1992Aug15.022529.7176@mccc.edu>
- Lines: 30
-
- I worked in Customer Support for workstations a few years ago, and so
- have some knowledge of how a major US defense contractor handled
- security. This information is offered for people's interest only AND
- DOES NOT CONSTITUTE ADVICE FROM THE HEWLETT PACKARD COMPANY.
-
- 1. The discs and CPU's were contained within specially constructed
- safes. The users did not have the combinations.
-
- 2. The power lines were wired in permanently, so power could not be
- cycled by "pulling the plug".
-
- 3. Removable media were generally not available. If needed the sys.
- admin. would connect the device, supervise it's use and disconnect
- it when it was no longer needed. The media themselves were not allowed
- off the site.
-
- 4. Decomissioned disks were physically destroyed by removing the
- platters, which were either disolved in nitric acid or sandblasted
- down to the substrate.
-
- Conclusion: Real security is an *ugly* process.
-
- --arne
-
- Disclaimer: These views do not represent any advice or position of
- the Hewlett-Packard Company or it's customers.
-
- (P.S. The SE's did not always enjoy working at this site: "Well... we
- *could* give you root privs for our system Mr. HP SE, but then we would
- have to kill you!" :-)
-
