[general_re]

Duress is when a foreign agent is beating the crap out of your wife and baby daughter until you give him a password that accesses all of your information.

Except that while the "duress" password will give said access to most or all of your critical data, it also signals your own team to come swooping in to the rescue.

That's great if you're the CIA or some such. For the rest of us, having a SWAT team on 24-hour standby is not exactly a practical alternative - rather, the name of the game is to prevent such attacks in the first place by controlling physical access in such a way that only authorized users get in the door. That way, the bad guy doesn't bother kidnapping you because even if he has your password, the large men stationed near the front door will prevent him from sitting down at a terminal and typing away.

[Southack]

"the name of the game is to prevent such attacks in the first place by controlling physical access in such a way that only authorized users get in the door."

So ATM's and POS terminals control the physical access to their boxes in such a way that only authorized users can be physically near them?!

Come on guys, there is more to security than tactical solutions. Architect your system such that vulnerable data is NOT on vulnerable machines. Mimic what already works out in the field.

Anyone can gain physical access to an ATM or POS terminal, but that doesn't mean that the entire bank or even one account holder is compromised.

Use the Net!