(no title)
kenniskrag | 2 years ago
* Do you trust the hardware
* Do you trust the OS
* Do you trust the user
* Do you trust the software
On a rootkit you don't trust the OS anymore. So a safe location inside the OS space isn't an option anymore. But often you are not a root user (e.g. android, windows in a corporate environment)
If you have OS backups there is a risk it is readable by others (e.g. cloud, different IT department). There is also a risk a user uploads the config somewhere.
If you want to rotate keys you would have to search all keys compared to a centralized location.
No comments yet.