top | item 28630646

(no title)

Matt3o12_ | 4 years ago

I believe OP is referring to the fact that a sophisticated attack has access to the hardware and you continue using it afterwards. They could, for example, change the unencrypted /boot partition to log the password you use to decrypt your partition. Or, if you sign the boot partition, they could install a hardware key logger, or do any other kind of hardware modification that defeats the security. Preventing this kind of attack is incredible difficult. They are many means to prevent those kind of attacks but, for the most part, it just making it harder for the attacker so that the attacker needs to become even more sophisticated.

Full disk encryption only helps if you are worried that your hardware gets stolen

discuss

GekkePrutser|4 years ago

Just wanted to add that this is generally referred to as the "Evil Maid" scenario in case someone wants to Google it.

It can be mitigated somewhat with secure boot, tpm technologies etc but due to the breadth of possible attacks it's really hard to do against a serious attacker.

Even the sound of the keyboard is often enough to give your password away.

jkepler|4 years ago

Or encrypt the boot partition. Libreboot supports this.

(Though to be fair, Libreboot only runs on a very limited number of old devices).

markenqualitaet|4 years ago

And glitter nail polish :)