Alexander Klimov <[EMAIL PROTECTED]> writes: > Are you afraid of attackers secretly changing your software (to > monitor you?) while your computer is off?
I believe this is a not completely unreasonable threat. Modifying files on the /boot partition to install a keylogger is not rocket science, and (more importantly) can be done remotely, if you gain unauthorized access to the machine. If you boot from a trusted USB stick instead, and check the integrity of the hard disk, the attacker needs to modify BIOS in order to install the keylogger. This may be sufficient difficult to do on a large scale (there are many different ways to update BIOS software), so that the attacker goes away to try some other weakness instead. There is one aspect that I don't recall seeing in this thread: if you use a laptop, and suspend it to disk, there is no encryption or authentication of the data as far as I know. (I believe swsusp optionally can use SHA-1 or MD5 to verify integrity, but the hash is not keyed.) For example, your SSH or PGP RSA key may be copied to disk without warning. In addition, someone could modify the on-disk RAM image to add a new root process when you restart the machine. > If so, are you sure that there is no hardware keylogger in your > keyboard and there is no camera inside a ceiling mounted smoke > detector [1]? Installing or enabling such features remotely is difficult, and (importantly) cannot be done in the same way for all hardware. /Simon --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
