Shared publicly  - 
1
Susan Vash's profile photo
 
Not sure I can agree with that, my concerns were primarily at the ease at which ssh clients are/have been modified without anybody noticing. I was under the obviously mistaken assumption that critical systems like this would have been protected by a decent intrusion detection system which surely would retain decent checksums of critical applications and libraries.
 
I suppose it comes down to the simple question - do you run a secure box yourself. The answer is almost certainly no, hence at least one avenue for ingress.

While I can pretty much vouch for my own equipment, I cannot say the same for site machines where boxes are not kept under physical lock and key until my arrival - and as time = money - I can't really spend the time every visit to basically perform a full system check against a known good source.
Add a comment...