Re: LUKS/dm-crypt vulnerable?

On 08.08.2009, Marc Ballarin wrote: 

> You need an unbroken chain of trust to achieve security. You must be
> able to trust your hardware/firmware, your BIOS, the code in your
> MBR, your boot loader, your kernel, your drivers, your system
> libraries, your shell, your cryptsetup executable and so on.
 
> If an attacker manages to replace or manipulate at least one piece
> of that chain, he has broken your security.
> Here is an example of a keylogger...

Yes, all that I'm totally aware of, but that was not what I meant (or I'm
misunderstanding the whole):

The article on "stoned" is not detailed enough to explain if the system
must be running to have it installed, or if it is also possible to 
break into a _powered off_ system by installing "stoned" (or whatever) in
the MBR.

The scenario:
My Laptop, fully encrypted with LUKS/dmcrypt gets stolen while totally
_powered off_. By "fully encrypted" I mean:

- GRUB in the MBR
- /boot unencrypted
- Rest encrypted
- Booting by providing the correct password, handled by a specially crafted initrd

Would it be possible to break into my data by installing "stoned for
Linux" or whatever into my MBR?

It's quite clear to me that people who can get physical access to this
laptop (or whatever computer) can install a keylogger or manipulate it in
a way that they can get hands on my passphrase or the key. They can do
what they want to infect my machine with all kinds of malware to spy on me.

But what happens when the machine is powered off and stolen?
The thief wants to have my data. Can he/she use something like "stoned" to
get into the system and decrypt the hard disk contents?

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
