[kwlug-disc] TrueCrypt Safer Than Previously Thought
Jason Locklin
locklin.jason at gmail.com
Sun Nov 22 09:22:33 EST 2015
On 22/11/15 01:31 AM, B.S. wrote:
> Even then, it seems I've read that to help oneself out in problem situations, one should use an unencrypted boot partition (that then mounts encrypted partitions).
The threat model that FDE is quite good for is a one-time stolen
machine. There will be nothing of value in the /boot partition (well,
they will be able to tell you use Linux and what kernel you were running).
The threat model that defeats FDE is when a machine is physically
accessed by a malicious actor and returned to you. Here, yes, they would
be able to modify your /boot partition, *however* encrypting /boot would
gain you nothing on it's own anyway. Such an actor would image your
encrypted drive before returning it too you and would simply need to
fool you into entering your passphrase. They could simply wipe whatever
encrypted system you have installed and install their own one that fools
you into typing in your passphrase and broadcasts it. Even with a
cryptographically signed bios and bootloader (Coreboot?), they could do
this with a hardware key-logger.
So basically, FDE encryption works for stolen laptops, but, encrypted
/boot or not, if it's chain of custody is violated, you are boned. It
does force the (intelligent) thief to choose either stealing your
hardware *or* your data.
More information about the kwlug-disc
mailing list