Hi Earl, > I have heard that physical possession of a Linux computer allows > anyone to take over as root, etc. It seems to me that this is a huge > security hole. Suggestion: Boot from a CD which is secure from being tampered with, and verify a digest of the system bios before entering the password to allow access to the hard disk. The CD can become a sort of physical key, containing info neccesary for the decryption of the hard disk. Then remove the CD before running any but the most trusted code. A hardware keylogger in the keyboard could still defeat any attempt to find it by software. Ultimately you could be fooled by any system, substituted for your original, which shows the same interface as yours. Or possibly biometric protection? Regards, Paul ----- Original Message ----- From: "Earl" <LARGE.FILES@GMX.NET> To: <linux-crypto@nl.linux.org> Sent: Wednesday, October 02, 2002 12:53 PM Subject: rootkit and 10 minutes ? - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
