[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Musings about on-disk encryption in Fedora Core



On Tue, 6 Jul 2004 05:12, Alan Cox <alan redhat com> wrote:
> /boot on the other hand cannot be encrypted usefully without hardware
> key systems because then you cannot boot off it.

For a really secure system you have to boot from removable or read-only media.

If an attacker can compromise the kernel image that you boot from then they 
can own you.  If you have an unencrypted kernel/initrd stored on the hard 
disk then you must either keep the hard disk locked up at all times (in which 
case encrypting it doesn't gain much) or treat every unexpected reboot as a 
potential compromise.

I think that USB-flash devices are the best option for booting secure machines 
at the moment.  The smallest available USB devices are bigger than /boot on 
most systems.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]