On 29.10.2014 16:59, Arno Wagner wrote: >> How do you want to realize the communication between the µC and you >> > Linux Box? Over Uart? (Uart communication can _easily_ be sniffed, so be >> > aware of that....) > If an attacker has access on that level, they can probaly just do > a memory-freeze attack or a fire-wire attack. Remember that > disk encryption does not protect data while the system is running > and has the data decrypted. > Yes, exactly. So why putting such huge efforts on that using some semi-professional setup that is probably condemned to failure? Don't get me wrong, I also consider it as a nice teaching/learning system, but don't think that it is more secure than before. I'd rather believe in the opposite. Why using such a setup at all? I don't get the benefits, I just see a lot of further possible vulnerabilities. And (for me) sniffing an UART connection or attaching some kind of debugger is much easier than freezing the system down, applying black vodoo magic and reading the bits back from frozen RAM :-) As you said, Arno, AVRs are well-known hobbyist µCs. Make a long story short: it is a nice teaching project in order to get into all that stuff, but even if it seems to work and even if I would have developed it on my own, I would not use it for protecting MY private data. Cheers Ralf _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
