From: "[lesh] Ivan Nikolic"
Date: Tue, 29 Dec 2009 11:23:10 +0100
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] encrypted root: prevent / detect tampering with kernel / initrd
Message-ID: <20091229102310.GI24454@sysphere.members.linode.com>
In-Reply-To: <20091228231158.GB16466@fancy-poultry.org>

you can set a bios password for every boot (if you trust your bios, this would mean that for any
software tampering your machine has to be taken apart, disk unplugged, etc.
but most bioses had a lot of backdoor passwords
a few years back, don't know how it is now, but not very nice I suppose)

so, to be extra sure, some kind of sum of unencrypted files is nice, yes.
that would mean that person would have to get past bios, boot another system, modify your kernel to make your hashing
program lie to you (know in advance that you use one, and which) and that is hard enough for me :)
(and is the most feasible software hack idea those "if there is physical access game over" people are talking about)

if you are that paranoid, you carry your initrd/kernel on usb with you.

btw, those problems can be addressed with an evil child of drm, chain of trust.
http://theinvisiblethings.blogspot.com/2009/01/why-do-i-miss-microsoft-bitlocker.html

I'm gonna setup the hash thing right now :)

* Heinz Diehl (htd@fancy-poultry.org) wrote:
> On 28.12.2009, Olivier Sessink wrote:
>
> > yes you are 100% right from a perfect security viewpoint. However,
> > we're looking at a "regular user" deployment, and we know that our
> > regular users are not going to look after their devices as good as
> > most IT security professionals will do (they might even carry their
> > password in their wallet, or tell the password over the phone). So
> > our aim is not 100% perfect security, but just "make it (a lot)
> > harder" to get to the data.
>
> Anybody who has the skills and the motivation to modify your kernel/initrd
> is far from being your "regular user", and is most likely able and has the
> expertise to do other things to your machine as well.
>
> "Please repeat with me: there is no way to avoid or detect backdoors if
> physical access to the machine has ever been granted." (Werner Koch on
> gnupg-users 19.02.2009 on exactly the same topic).
--
PGP 0x96085C00 http://lesh.sysphere.org
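
One way to do the "sum of unencrypted files" check discussed in this message, as an added example that is not part of the original post or the thread. The function names and the manifest location are assumptions; the manifest is assumed to live on the encrypted root, and as the message notes, the result is only as trustworthy as the kernel that runs the check.

```sh
#!/bin/sh
# Added example (not from the thread): hash baseline for the unencrypted boot files.
# Assumption: the manifest is stored on the encrypted root, out of offline reach.

# boot_manifest DIR: "sha256  ./relative/path" for every regular file, sorted by path.
boot_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 )
}

# boot_baseline DIR MANIFEST: record the current state as trusted.
boot_baseline() {
    boot_manifest "$1" > "$2" && chmod 600 "$2"
}

# boot_verify DIR MANIFEST: print ADDED/MODIFIED/REMOVED files.
# Returns 0 if nothing changed, 1 on any difference, 2 on error.
boot_verify() {
    [ -r "$2" ] || { echo "missing manifest: $2" >&2; return 2; }
    cur=$(mktemp) || return 2
    boot_manifest "$1" > "$cur"
    # sha256sum lines are 64 hex digits plus a 2-character separator,
    # so the path starts at column 67 (this keeps paths with spaces intact).
    report=$(awk '
        FILENAME == ARGV[1] { old[substr($0, 67)] = $1; next }
        { p = substr($0, 67)
          if (!(p in old))       print "ADDED    " p
          else if (old[p] != $1) print "MODIFIED " p
          delete old[p] }
        END { for (p in old) print "REMOVED  " p }' "$2" "$cur" | LC_ALL=C sort)
    rm -f "$cur"
    if [ -n "$report" ]; then
        printf '%s\n' "$report"
        return 1
    fi
    return 0
}

# Command-line use: "script baseline /boot FILE" or "script verify /boot FILE".
case "${1:-}" in
    baseline) boot_baseline "$2" "$3" ;;
    verify)   boot_verify "$2" "$3" ;;
esac
```

Run the baseline step after every legitimate kernel or initrd update, otherwise the next verify reports the update itself as MODIFIED.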