jerome etienne <jme@xxxxxxx> wrote: > good description of the attack. just a little precision, the attacker > can choose, to a certain extend, the inserted data and so the resulting > plaintext. > http://off.net/~jme/loopdev_vul.html sec 2.2 This whole scenario is none of my problems. To start such an attack prerequesits that attacker knows a partition is encrypted and loop-aes takes guard of a suse distro. As I said. This scenario is unlikely. You could also blame loop-aes for not providing protection again a dd if=/dev/zero of=/dev/hda bs=64 ......... But you are creative! How about following: A small device that is to be plugged between harddrive and mainboard and monitors first 1GB of data when PC is started. All data I/O is recorded to a memory chip. Later attacker should be able to boot the pc by a playback of this first 1GB. Or how about pieces of hardware that fit into a keyboard and send all keystrokes via radiofrequency? I´d say software will never be able to secure a compromised machine. So your attack is rather an idea than a danger. Regards Peter -- 10 GB Mailbox, 100 FreeSMS http://www.gmx.net/de/go/topmail +++ GMX - die erste Adresse für Mail, Message, More +++ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
