Re: encrpyt harddrive without passphrase/userinput

[Florian Weimer <fw@deneb.enyo.de>]

* Horst Pflugstaedt:

> On Sun, Feb 26, 2006 at 11:17:56PM +0100, Florian Weimer wrote:
>> * Horst Pflugstaedt:
>> 
>> > I just ask myself why you bother encrypting a filesystem that will be
>> > accessible to anyone having access to the machine since it boots without
>> > password?
>> 
>> You can return hard disks to the vendor for warranty claims even if
>> they still contain sensitive data.
>
> even if the disk boots in another machine, thus revealing the sensitive
> data?

The boot process stops when it doesn't find the USB stick with the
necessary key material for decryption.  When you return the machine to
the vendor for maintenance, you don't provide that USB stick.
Therefore, the vendor is unable to access the unencrypted disk
contents.  (Of course, you need to reinstall from scratch (or restore
a complete disk image) because there isn't a trusted boot path; the
vendor could have tampered with the boot loader.)