[Discuss] encrypted linux systems

Edward Ned Harvey (blu) blu at nedharvey.com
Tue Jan 28 11:51:39 EST 2014


> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Edward Ned Harvey
> (blu)
> 
> Also, depending on whether or not you care, this introduces a mode for
> attack, because the kernel and initial environment can be tampered with in
> such a way that the user would not notice, and then the user happily types in
> the password, which gets recorded or communicated, etc.

PS.  If somebody can put their hands on your system and tamper with firmware, then even whole disk protection cannot protect you.  Only TPM can protect against that.  Worse yet, all systems are vulnerable to cold boot attacks (even with TPM) and if an attacker can install a key logger in between your keyboard and motherboard, once again, nothing can protect you from that.

There is nothing but nothing that can protect you against all attacks.  That's why I said "if you care" about boot partition tampering.  You must acknowledge and accept that all your efforts serve as a barrier, not a guarantee, of security.  And where to draw the line is a decision to be made on a case-by-case basis.


