Booting a GELI encrypted hard disk

Roland Smith rsmith at xs4all.nl
Wed Oct 10 15:05:05 PDT 2007


On Wed, Oct 10, 2007 at 11:37:55PM +0200, Mel wrote:
> > >
> > > Encryption isn't only useful for private data,
> > > it also reduces the risk of third parties replacing
> > > your binaries with Trojans while you're away.
> >
> > If that someone can replace binaries on a running system, your box has
> > been h4x0red and you're screwed anyway. Doubly so if your encrypted
> > filesystem was mounted at the time. :-)
> 
> I think the case he's describing is that one can remove the hard disk, mount
> it as a secondary drive, replace system binaries with keylogging-enabled
> binaries and then put it back. You won't notice this till you read the daily
> security report in a default system.

That's a heck of a lot of trouble to go to, considering someone would
have to steal your drive, alter it and put it back without you knowing it!

If the intruder has physical access to the machine, it would be much
easier to put a keylogger device between the keyboard and the machine.

> It's questionable though, whether you should leave your computer in an 
> environment where this can happen undetected and probably better solved by 
> increasing real life security.

An important point that too many people forget.

Roland
-- 
R.F.Smith                                   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)