What i am finding out as i learn more about security is that "physical access" is the number 1 security flaw to guard against. With physical access, it seems that any data is not only insecure but seemingly easy to get at. For example, on linux systems you only need to reset the root password with the boot option "nogui single" and you now have root access. i have read and seen that even windows 2000 and xp have programs that are free and easily accessible to reset the admin passwords.

Now i'm seeing that protecting the data in a secure database doesn't guard against physical access as well. i understand what people are talking about when they discuss "layers" of security, but it seems that if they have access to the computer, every other layer doesn't seem to matter (although i imagine encrypting data with powerful encryption is something that would change that, but that is not seemingly available in a database).

i'm still new to this so forgive my rants here. i thought that there would be more that I could do to protect my systems if stolen. As you have said a number of times, it is about protecting your system against the "average" user, which i imagine is someone that looks at an OS login screen and tries to simply guess a few passwords and then gives up. it's scary to realize that i am what might be considered an "above average user"!

paul