Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It's about degrees of freedom.

Even if an adversary has access to a machine, there is a difference if they can choose when/where to exploit/steal something, or if they have to wait for an action. If the adversary cant get persistence, a simple reboot of the machine might get them evicted and the keylogger is gone. That's just a simple example but it shows that things are more nuanced.

Apple for instance has efforts so that even root can't just debug arbitrary processes or unlock keychains of other users without them agreeing to it or disabling SIP.

It's about raising the bar and removing degrees of freedom for an adversary, so it becomes more dfficult. In the end of course systems can always be exploitable (given enough resources are allocated in breaking in).



Yep, just like your home locks are not rated as "breakable/unbreakable", but "how many minutes to break". Most locks are below 5 minutes.

Locks requiring more than 30 minutes are considered pretty much unbreakable (easier to break through the nearest wall).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: