[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Libreboot] Libreplanet keynote questions

From: Isaac David
Subject: Re: [Libreboot] Libreplanet keynote questions
Date: Thu, 17 Mar 2016 22:24:18 -0600

Le jeu. 17 mars 2016 à 16:08, Will Hill <address@hidden> a écrit :
On Tuesday 15 March 2016, Denis 'GNUtoo' Carikli wrote:
For instance I'm personally very interested in activists threat model,
 that includes resisting to targeted physical attacks.

Currently, the most used setup (to my knowledge) to resist such attacks
 consists in:
 - An FSF certified computer with libreboot.
 - GRUB in the BIOS flash, that can open encrypted rootfs.

What's the advantage of GRUB in BIOS rather than root FS?

GRUB is never installed to the root filesystem AFAIK, only the config usually is; but storing GRUB in flash allows you to encrypt the whole hard disk. Overwriting the flash chip can be a bit harder than overwriting a few sectors in your hard disk; some BIOS chips can be set to read-only, etc. If an attacker gets his hands on GRUB he can learn your encryption password or trick you into loading a compromised kernel.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]