It doesn't have to be always thrown away. After some thinking, it could make a good entrapment technique.
1) create an unencrypted /boot volume and save a healthy offline (usb?) backup you can use for comparison 2) hashcheck (from a usb-boot environment) and then boot normally the system if check is OK 3) repeat 2 until check is NOT OK, make copy of failed /boot volume and examine. 4) win. On 22 June 2016 at 19:52, Ted Unangst <[email protected]> wrote: > Theodoros wrote: >> Fair point! >> It would make it more complicated for an adversary, but not impossible. > > If an adversary gains possession of your hard drive and gives it back to you, > throw it away.
