From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1LdB6L-0006X2-3P for mharc-grub-devel@gnu.org; Fri, 27 Feb 2009 17:22:37 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LdB6J-0006WY-UL for grub-devel@gnu.org; Fri, 27 Feb 2009 17:22:35 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LdB6I-0006Vl-Au for grub-devel@gnu.org; Fri, 27 Feb 2009 17:22:35 -0500 Received: from [199.232.76.173] (port=56014 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LdB6I-0006Vg-7D for grub-devel@gnu.org; Fri, 27 Feb 2009 17:22:34 -0500 Received: from aybabtu.com ([69.60.117.155]:34764) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1LdB6H-0007W8-Ij for grub-devel@gnu.org; Fri, 27 Feb 2009 17:22:34 -0500 Received: from [192.168.10.10] (helo=thorin) by aybabtu.com with esmtp (Exim 4.69) (envelope-from ) id 1LdAz9-0006sc-8N for grub-devel@gnu.org; Fri, 27 Feb 2009 23:15:11 +0100 Received: from rmh by thorin with local (Exim 4.69) (envelope-from ) id 1LdB6E-000249-It for grub-devel@gnu.org; Fri, 27 Feb 2009 23:22:30 +0100 Date: Fri, 27 Feb 2009 23:22:30 +0100 From: Robert Millan To: The development of GRUB 2 Message-ID: <20090227222230.GA7907@thorin> References: <49A152BD.6010907@student.ethz.ch> <20090227204226.GI31629@thorin> <49A861A0.2000601@student.ethz.ch> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <49A861A0.2000601@student.ethz.ch> Organization: free as in freedom X-Message-Flag: Worried about Outlook viruses? Switch to Thunderbird! www.mozilla.com/thunderbird X-Debbugs-No-Ack: true User-Agent: Mutt/1.5.18 (2008-05-17) X-detected-operating-system: by monty-python.gnu.org: Genre and OS details not recognized. Subject: Re: GRUB hardened boot framework X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GRUB 2 List-Id: The development of GRUB 2 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Feb 2009 22:22:36 -0000 On Fri, Feb 27, 2009 at 10:56:48PM +0100, Jan Alsenz wrote: > > Hi, > > > > The last stage is much simpler. Just put /boot/ in a crypted filesystem (we > > have a patch liing around which is pending to merge). > > Yes, that would also be an idea. > Then the filesystem needs the authentication. I'm no crypto expert, but I was under the impression that when the data is encrypted, measurement comes "for free": if someone tampered it, you'd be unable to decrypt. Is this correct? > > I appreciate your interest in avoiding controversy. If you want that, then > > please don't refer to this as "trusted". It is implied that all the code in > > GRUB is already trusted by its user. The difference here is that our system > > would be hardened against physical attack, it doesn't change anything about > > who is able to "trust" your computer and who isn't. > > Alright, hardened then. Thank you -- Robert Millan The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all."