Re: bootstrap, crypto, hibernation/suspend-to-disk

From: andreas (andreas.hislistsgmail.com)
Date: Mon Aug 09 2010 - 10:27:00 CDT


> I think it's impossible to create a trusted bootloader which would not be affected
> by physical attacks, see here:
>
> http://theinvisiblethings.blogspot.com/2009/10/evil-maid-goes-after-truecrypt.html
>
> Thus even if the bootloader were able to open the softraid crypto device, it could be
> tampered with.
>
> I'm going to create a USB stick with a minimal installation on which I will carry checksums
> of files in '/' and I'm going to scan '/' for tampered files before "normal" boot.
> I do not know any better solution. I don't know if there can be some other shit which
> could somehow get my passphrase for softraid (BIOS, MBR...)? Is it theoretically
> possible?

I think a hard disk should be encrypted with deniability. When you boot from
a CD or USB stick and remove them, no one should be able to prove that
the disk is encrypted.

I am not an expert in this, so please correct me if I am wrong: this
scenario is attackable from the BIOS side, or if the attacker reads the key
from memory (i.e. just booting with a minimal system from CD...). Also, I
read about cooling and removing the RAM to read the key :D

How do you prove your BIOS? Wasn't there, just last week, a big company in
the IT news with malware in their BIOS?

I don't know if it makes sense or is possible, but why not build a system
where the keys are stored in that part of the RAM which is used by the
BIOS when booting from CD or USB? So that at least a part of the key will
be overwritten during every boot. So that the attacker is forced to remove the RAM
or BIOS.

Andreas
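
The check described in the quoted message (trusted checksums carried on a USB stick and compared against '/' before a normal boot), as an added example that is not part of the original thread. It also hashes the first 512 bytes of the boot disk, since the MBR is raised as a concern; the file tree and disk image are constructed samples and all function names are hypothetical.

```python
import hashlib
import os
import tempfile

def sha256_file(path, limit=None):
    """Hash a file, or only its first `limit` bytes (512 covers an MBR boot sector)."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        if limit is not None:
            h.update(f.read(limit))
        else:
            for chunk in iter(lambda: f.read(65536), b""):
                h.update(chunk)
    return h.hexdigest()

def build_manifest(root, boot_device=None):
    """Map relative path -> digest for regular files under root, plus the boot sector."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.isfile(full) and not os.path.islink(full):
                manifest[os.path.relpath(full, root)] = sha256_file(full)
    if boot_device:
        manifest["<boot-sector>"] = sha256_file(boot_device, limit=512)
    return manifest

def compare(trusted, current):
    """Return sorted (modified, added, removed) entries relative to the trusted manifest."""
    modified = sorted(k for k in trusted if k in current and trusted[k] != current[k])
    added = sorted(k for k in current if k not in trusted)
    removed = sorted(k for k in trusted if k not in current)
    return modified, added, removed

def _write(path, data):
    with open(path, "wb") as f:
        f.write(data)

def demo():
    """Constructed sample: a fake root tree and disk image, tampered after the baseline."""
    with tempfile.TemporaryDirectory() as tmp:
        root, disk = os.path.join(tmp, "root"), os.path.join(tmp, "disk.img")
        os.makedirs(os.path.join(root, "bin"))
        _write(os.path.join(root, "bin", "sh"), b"original shell")
        _write(disk, b"\x00" * 510 + b"\x55\xaa")
        trusted = build_manifest(root, disk)      # this copy lives on the USB stick
        _write(os.path.join(root, "bin", "sh"), b"trojaned shell")
        _write(os.path.join(root, "bin", "extra"), b"dropped file")
        _write(disk, b"\xeb\x3c" + b"\x00" * 508 + b"\x55\xaa")  # boot code changed
        return compare(trusted, build_manifest(root, disk))
```

The comparison is only meaningful when both the manifest and the code running it come from the trusted stick, and it covers files and the boot sector only, not BIOS or other firmware.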