Re: Linux disk partition encryption
On Thu, 27 Jan 2011 11:03:58 +0100
Sjoerd Hardeman <firstname.lastname@example.org> wrote:
> Celejar schreef:
> > On Wed, 26 Jan 2011 23:24:07 +0100
> > Jochen Schulz <email@example.com> wrote:
> >> Celejar:
> >>> Brad Alexander <firstname.lastname@example.org> wrote:
> >>>> Linux admins used LUKS, and as a further step, I put /boot (the only
> >>>> partition that cannot be encrypted) on a USB stick, so that if anyone
> >>>> got the laptop, they had no access to the data.
> >>> Why does putting /boot on a USB stick gain you anything?
> >> Because an unencrypted /boot may be altered by an attacker without you
> >> noticing it. Theoretically, the kernel may be replaced by another one
> >> that reports your passphrase to the attacker.
> > Oh, basically the Evil Maid attack. Fair enough. But then you have to
> > make sure the attacker can't flash the BIOS ...
> Bother to explain how it works? If you have an encrypted partition, no
> adapted kernel will ever be able to access it. So how can an adapted
> kernel report the passphrase?
> Or do you mean that the kernel can be altered to log the passphrase
> somewhere? This then is a way more general problem, as physical access
> to the computer will always allow someone to install a sniffing hardware
> or software device.
I think we're talking about the latter - the attacker replaces your
kernel with a modified one to record the passphrase. Yes, it's
basically true that an attacker with physical access can always install
a sniffer, but forcing him to do it in hardware will make it harder.
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator