
Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed



On Mon, 15 Jan 2024 at 10:22, Holger Levsen <holger@layer-acht.org> wrote:
>
> On Sun, Jan 14, 2024 at 08:37:30PM +0000, Luca Boccassi wrote:
> > Most definitely wrong. If your threat model is "hardware vendor will
> > spend hundreds of millions of dollars to get at me" then your cpu
> > vendor, memory controller vendor, etc etc can do that too, so you
> > better not use this nor any other type of hardware acceleration, ever.
>
> huh, if there's a bug in the firmware to accidentally store the encryption
> key on the drive in plaintext, it doesn't cost anything extra.

Sure, and if there's a bug in your CPU to accidentally reveal all
kernel secrets to any unprivileged userspace process via sidechannels
it doesn't cost anything extra either. Doesn't really mean much though
for this case.

> > The good news is, if you are writing on a Debian bug tracker then you
> > are not even remotely interesting enough for any hardware manufacturer
> > to spend even a tiny fraction of that, so it's all good.
>
> huh. the Snowden papers explicitly showed that sysadmins and developers
> are being targeted, to go after "the real targets".
>
> I originally didn't want to comment on this bug further, as I am ok
> with the current wording but saying that people contributing to Debian
> are "not even remotely interesting" is just wrong.
>
> (And the other framing about contributors with maybe minor contributions
> is also rather wrong, but for other reasons.)

We aren't though - and the category includes me too of course. Nobody
is going to spend $100 million dollars to hardware-backdoor my
computer, as I am not a Prime Minister or a billion-dollar-corp CEO.
It's just not a realistic threat model for me. In the average user's
threat model there are things several orders of magnitude more
important to worry about, like "is my browser up to date" and "is this
email legitimate or phishing".

And if for some absurd reason some Prime Minister somewhere is really
installing Debian - good news! They can just use the defaults, problem
solved. In the meanwhile, I pay for fast hardware acceleration and I
would like to use fast hardware acceleration, and I'm pretty sure
that's also true for many others.

