Re: LVM+RAID+CRYPT
On Fri, 8 Jan 2010 11:49:35 -0700
Matthew Moore <anonymous.jondoe@gmail.com> wrote:
> On Friday January 8 2010 4:41:54 am Sjors van der Pluijm wrote:
> > Just found out that /boot should not be in LVM because bootloaders might
> > not understand it. /boot unencrypted does not seem to be the end of the
> > world. http://tldp.org/HOWTO/LVM-HOWTO/benefitsoflvmsmall.html
>
> Since we are being paranoid, what happens if the NSA breaks into your home
> when you are asleep and installs a hypervisor on your /boot that records your
> password/keyfile next time you derypt?
This is the "evil maid attack":
http://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html
> The way that I have heard to prevent this type of attack is to store checksums
> of every file in /boot on the encrypted partition and then verify those
> checksums on startup.
I don't think that this will work, at least not without considerably
more work; the attacker can design the evil bootloader to wipe itself
out and replace the original bootloader files before booting the system.
Celejar
--
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: