| 1 |
> -----Original Message----- |
| 2 |
> From: Rich Freeman <rich0@g.o> |
| 3 |
> Sent: Monday, March 21, 2022 5:21 PM |
| 4 |
> To: gentoo-user@l.g.o |
| 5 |
> Subject: Re: [gentoo-user] KDE, sddm etc security. Plus LVM question. |
| 6 |
> |
| 7 |
> On Mon, Mar 21, 2022 at 8:03 PM Laurence Perkins <lperkins@×××××××.net> wrote: |
| 8 |
> > |
| 9 |
> > The TPM in most computers doesn't dump the keys if someone tries to open the case to install hardware sniffers. |
| 10 |
> > |
| 11 |
> |
| 12 |
> That's a good point, though if somebody with the ability to sniff the RAM or (to a lesser degree) GPU traffic is after you, then you probably want to be on the lookout for rubber hose decryption. |
| 13 |
> |
| 14 |
> If you're a big spender the AMD Secure Memory Encryption feature would probably help there, assuming they ever get it working on Linux. |
| 15 |
> |
| 16 |
> -- |
| 17 |
> Rich |
| 18 |
> |
| 19 |
> |
| 20 |
|
| 21 |
There are a lot of circumstances where the attacker doesn't want you to know you've been compromised. At least not right away. Tamper detection can be useful for avoiding that.
|
| 22 |
|
| 23 |
Along similar lines there's a kernel module available, the project name slips my mind, which can be set to wipe keys, memory, etc. if the system is booted without a particular USB device attached, or if the device is removed. Gives one a way to quickly "decommission" a system.
|
| 24 |
|
| 25 |
LMP |
Archives