1 |
Am Sonntag, 22. November 2009 17:38:02 schrieb schism@×××××××××.org: |
2 |
> It doesn't really make sense because you're not protecting against a |
3 |
> "casual" attacker at this point anyway. All FDE protects against is |
4 |
> powered-down physical compromise (typically theft or loss). The moment |
5 |
> your threat model includes a malicious attacker returning ownership to |
6 |
> you, you've gone way beyond the "by-chance-hacker" assessment and deeply |
7 |
> into espionage territory. At that point, if the attacker has had |
8 |
> manipulative access to your boot media, nothing short of hardware-level |
9 |
> measurements is really going to "guarantee" the safety of your data. I |
10 |
> also refer you to http://xkcd.com/538/. |
11 |
|
12 |
Hehe, this comic is very true. Even though I didn't try to hide from |
13 |
government or highly criminal guys, I guess you are right that the "by-chance- |
14 |
hackers" won't be able to do anything which will get prevented by this way of |
15 |
doing it. |
16 |
|
17 |
|
18 |
|
19 |
> There's nothing stopping you from this pursuit, it simply isn't going to |
20 |
> protect against what you may think it does. It adds unnecessary |
21 |
> complexity for that purpose, and complexity just adds more opportunities |
22 |
> for failure and subversion. If you find it convenient, that's just up |
23 |
> to you. |
24 |
|
25 |
Well, I guess I'll let it be for the time beeing. |
26 |
|
27 |
Thank you for the discussion! |