Re: [tlug] 28 Backspaces

[Curt Sampson <cjs@example.com>]

On 2015-12-22 09:35 +0900 (Tue), CL wrote:

> http://www.zdnet.com/article/how-to-hack-any-linux-machine-just-using-backspace/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61

So, this is only in the bootloader, which raises a few points.

Most important: if you're not encrypting your main Linux partition
(and any auxiliary partitions, other than /boot), You're Doing It
Wrong. That is by far the easiest way to cover a large number of issues
related to security of a machine. Once you have that, the only other
really important point is that the machine should never be turned on or
suspended when it's out of your control. (In fact, you should keep it in
your control for at least 15 minutes after hibernating it or shutting it
down.)

If you do this, the attack described here is irrelevant.

If you have your main (and non-/boot auxiliary) partitions encrypted,
not much else matters. Booting from USB is not really much of a threat,
given that if someone's got that level of physical access to the
machine, in most cases they could simply pull the drive as well. (It's
probably faster to pull the drive, put it in a screwless case, plug it
in to a laptop you're carrying with you, and attack it that way than it
is to boot the original machine via USB.)

cjs
-- 
Curt Sampson         <cjs@example.com>         +81 90 7737 2974

To iterate is human, to recurse divine.
    - L Peter Deutsch