On 28.12.2009, Olivier Sessink wrote: > I was wondering if there are some 'common' ways to prevent tampering > with the unencrypted kernel and initrd in the case of an encrypted > root filesystem? If somebody has access to your computer they could > change the initrd and kernel and make your encryption useless If anyone ever gets physical access to your machine, all bets are off. There's no way for you to proof that your machine has not been tampered with. You can have a checksum of the contents in /boot, the MBR or whatsoever, you name it. The attacker won't care and install a hardware keylogger or whatever suits best. _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
