jerome etienne wrote: > the paper describing the attack propose 2 simple ways to fix the > vulnerabilities. people, who care that an attacker could modify their > content without being detected, may code or poke people who code to > implement it To modify encrypted data on hard disk partition means that attacker has to root the box first. If attacker successfully roots a box, it is "game over" securitywise right there. Only sane option after that is reinstallation and/or restore from known good backup. Your paper effectively says that "compromized box is insecure" which is like saying "water is wet". -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
