From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <h.e@gmx.at>
Received: from mail.gmx.net (mail.gmx.net [213.165.64.20])
	by mail.saout.de (Postfix) with SMTP
	for <dm-crypt@saout.de>; Tue, 29 Dec 2009 22:31:18 +0100 (CET)
Message-ID: <4B3A7524.1040900@gmx.at>
Date: Tue, 29 Dec 2009 22:31:16 +0100
From: Hannes Erven <h.e@gmx.at>
MIME-Version: 1.0
References: <4B3914FB.7060008@gmail.com>	<20091228212038.GB2224@maude.comedia.it>	<4B3925F0.4050409@gmail.com>	<20091228231158.GB16466@fancy-poultry.org>
	<20091229202429.GB17029@tansi.org>
In-Reply-To: <20091229202429.GB17029@tansi.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] encrypted root: prevent / detect
 tampering	with	kernel / initrd
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
	<mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
	<mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

Arno Wagner schrieb:
> On Tue, Dec 29, 2009 at 12:11:58AM +0100, Heinz Diehl wrote:
>> "Please repeat with me: there is no way to avoid or detect backdoors if
>> physical access to the machine has ever been granted." (Werner Koch on
>> gnupg-users 19.02.2009 on exactly the same topic).
> 
> I don't agree. 

How do you protect against e.g. a hardware key logger? You don't.


-hannes