Message-ID: <4B39F52A.20009@gmail.com>
Date: Tue, 29 Dec 2009 13:25:14 +0100
From: Olivier Sessink
References: <4B3914FB.7060008@gmail.com> <20091228212038.GB2224@maude.comedia.it> <4B3925F0.4050409@gmail.com> <20091228231158.GB16466@fancy-poultry.org>
In-Reply-To: <20091228231158.GB16466@fancy-poultry.org>
Subject: Re: [dm-crypt] encrypted root: prevent / detect tampering with kernel / initrd
To: dm-crypt@saout.de

Heinz Diehl wrote:
> On 28.12.2009, Olivier Sessink wrote:
>
>> yes you are 100% right from a perfect security viewpoint. However,
>> we're looking at a "regular user" deployment, and we know that our
>> regular users are not going to look after their devices as good as
>> most IT security professionals will do (they might even carry their
>> password in their wallet, or tell the password over the phone). So
>> our aim is not 100% perfect security, but just "make it (a lot)
>> harder" to get to the data.
>
> Anybody who has the skills and the motivation to modify your kernel/initrd
> is far from being your "regular user", and is most likely able and has the
> expertise to do other things to your machine as well.
>
> "Please repeat with me: there is no way to avoid or detect backdoors if
> physical access to the machine has ever been granted." (Werner Koch on
> gnupg-users 19.02.2009 on exactly the same topic).

I seem to be unable to find this discussion in
http://lists.gnupg.org/pipermail/gnupg-users/2009-February/date.html are
you sure about this date?

Olivier