[dm-crypt] using a salt for encrypting blocks
arno at wagner.name
Thu Dec 30 13:27:15 CET 2010
On Thu, Dec 30, 2010 at 11:11:18AM +0100, octane indice wrote:
> En r?ponse ? Milan Broz <mbroz at redhat.com> :
> > Good luck. Do you know how easy is to use hw keylogger for
> > example?
> > How do you detect that attacker installed such hw device when
> > he has repeated access to the system?
> > TPM will not help here.
> no. TPM won't help against an hw keylogger.
> But it will help in order to detect a change in my /boot
> partition. And for that, it works. It's so easy to break the
> encryption by modifying /boot than something has to be
> done. Here, TPM can help, so I use.
> For hardware keylogger, I would use a laptop
> very tiny where every change would be noticed.
> For example, a mac book air. So thin, you can't add
> a hardware keylogger.
Good luck with that. Or rather forget about that.
There is ample space.
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt