* Heinz Diehl <htd@xxxxxxxxxxxxxxxxx> wrote: > Yes, all that I'm totally aware of, but that was not what I meant (or I'm > misunderstanding the whole): > > The article on "stoned" is not detailed enough to explain if the system > must be running to have it installed, or if it is also possible to > break into a _powered off_ system by installing "stoned" (or whatever) in > the MBR. Sure, just dismantle the hdd, install the rootkit, then put it back into the target comp. > Would it be possible to break into my data by installing "stoned for > Linux" or whatever into my MBR? Yes, theoretically. Direct physical access is always the key. You could (and should) check integrity of the boot chain to detect such tampering. That is not always possible, and depends largely on the setup in use. > I't quite clear to me that people who can get physical access to > this Laptop (or whatever computer) can install a keylogger or > manipulate it in a way that they can get hands on my passphrase or > the key. They can do what they want to infect my machine with all > kind of malware to spy on me. Ah, ... > But what happens when the machine is powered off and stolen? The > thief wants to have my data. Can he/she use something like "stoned" > to get into the system and decrypt the harddisk contents? ... now I think I understand the Q. Something like an install of "stoned" does not yield any access to your data in the case you describe. All that "stoned" manages is to lay out a trap. If your system gets stolen while being fully encrypted the attacker gains nothing via "stoned" at all. It would be different if the attacker modified things you dont know about, and you continue to normally use your machine. Hence the importance of denying direct physical access to your machine, and/or take precautions to detect such tampering. -- left blank, right bald
Attachment:
pgp9wKn0TsPZA.pgp
Description: PGP signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
