[dm-crypt] using a salt for encrypting blocks

Arno Wagner arno at wagner.name
Thu Dec 30 13:27:15 CET 2010

On Thu, Dec 30, 2010 at 11:11:18AM +0100, octane indice wrote:
> En r?ponse ? Milan Broz <mbroz at redhat.com> :
> > Good luck. Do you know how easy is to use hw keylogger for
> > example?
> yes.
> > How do you detect that attacker installed such hw device when
> > he has repeated access to the system?
> > TPM will not help here.
> no. TPM won't help against an hw keylogger.
> But it will help in order to detect a change in my /boot 
> partition. And for that, it works. It's so easy to break the
> encryption by modifying /boot than something has to be 
> done. Here, TPM can help, so I use.
> For hardware keylogger, I would use a laptop
> very tiny where every change would be noticed.
> For example, a mac book air. So thin, you can't add
> a hardware keylogger. 

Good luck with that. Or rather forget about that. 
There is ample space.

Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

More information about the dm-crypt mailing list