Bug#858009: Debian "Full Disk Encryption" is a misnomer, /boot not encrypted, Evil Maid attacks, enable grub cryptodisk, improve guided encrypted partitioning

To: "submit@bugs.debian.org" <submit@bugs.debian.org>
Subject: Bug#858009: Debian "Full Disk Encryption" is a misnomer, /boot not encrypted, Evil Maid attacks, enable grub cryptodisk, improve guided encrypted partitioning
From: "of.the@protonmail.com" <of.the@protonmail.com>
Date: Fri, 17 Mar 2017 05:52:24 -0400
Message-id: <[🔎] 0ibtJ_czaqbGjEp4UswPB3xv230YWCjc8fL-MP3VHKrdwhKNUg7aD78P0u-_eBf_7X6FuPrsXozD8YjtDIfML8tqUe3-axbwtLABKKV7UNg=@protonmail.com>
Reply-to: "of.the@protonmail.com" <of.the@protonmail.com>, 858009@bugs.debian.org

Package: debian-installer

Version: stretch-rc2

The Debian Stretch RC2 installer and previous versions do not allow Full Disk Encryption since /boot is more vulnerable to Evil Maid attacks due to it being unencrypted. Securing /boot makes Evil Maid attacks slightly more difficult, raising the cost / time for an adversary with physical access.

I suggest looking at prior bugs from over a year ago suggesting how to start fixing this by enabling the cryptodisk option for grub, then modifying the debian-installer flows to automatically partition using a base encrypted volume for which all other partitions / LVM2 groups sit atop of, including /boot. This would hopefully replace the current and slightly more insecure "Guided - Use Entire Disk and Set Up Encrypted LVM..." option.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814798

Tested Debian Stretch RC2 and prior versions.

Reply to:

Prev by Date: Bug#818065: live-config / console-setup issue
Next by Date: Bug#818065: live-config / console-setup issue
Previous by thread: choose-mirror_2.77_source.changes ACCEPTED into unstable
Next by thread: Bug#858029: partman-efi: Manual partinioning in EFI system without EFI boot partition does not trigger an error message
Index(es):
- Date
- Thread