Basic lock down

I have my BBB flashed onto the eMMC and it is feasible for someone to boot from the SD Card and/or use the serial debug cable to gain access.

What methods if any have people used to prevent some access?

What sort of 'access' are you trying to prevent?

If someone has physical access then all bets are off, they just take
the whole thing and can see all the data on it. You can't really
prevent that unless you install an encrypted OS.

Yes very true but the 2 easy vectors I can see are serial debug cable and micro SD. If anything could be done to discourage it then that would be welcomed.

Will look into encrypting the OS though. Good idea.

On Mon, 2 May 2016 02:22:30 -0700 (PDT), Lee Armstrong
<lee@pinkfroot.com> declaimed the following:

I have my BBB flashed onto the eMMC and it is feasible for someone to boot from the SD Card and/or use the serial debug cable to gain access.

What methods if any have people used to prevent some access?

  Locking the unit in a vault with no external connections (no internet;
though internal LAN may be allowed), TEMPEST shielding, and sign-in/out
with a guard for vault access should work.

  Which is the long way of saying: if "someone" has physical access to
the device, there is nothing you can do to prevent "access".