[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: LVM+RAID+CRYPT

On Fri, 8 Jan 2010 11:49:35 -0700
Matthew Moore <anonymous.jondoe@gmail.com> wrote:

> On Friday January 8 2010 4:41:54 am Sjors van der Pluijm wrote:
> > Just found out that /boot should not be in LVM because bootloaders might
> >  not understand it. /boot unencrypted does not seem to be the end of the
> >  world. http://tldp.org/HOWTO/LVM-HOWTO/benefitsoflvmsmall.html
> 
> Since we are being paranoid, what happens if the NSA breaks into your home 
> when you are asleep and installs a hypervisor on your /boot that records your 
> password/keyfile next time you derypt?

This is the "evil maid attack":

http://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html

> The way that I have heard to prevent this type of attack is to store checksums 
> of every file in /boot on the encrypted partition and then verify those 
> checksums on startup.

I don't think that this will work, at least not without considerably
more work; the attacker can design the evil bootloader to wipe itself
out and replace the original bootloader files before booting the system.

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: