On Tuesday, February 20, 2018 at 7:04:00 AM UTC+7, Tim W wrote:
> Make sure there is no way to softboot\power cycle the box as with sed opal2 
> hw encrypt drives they will stay unlocked until either manual locked or power 
> loss state i.e. true power cycle.   I run  Samsu. 850pro  But still run luks 
> as a precaution to some tricks to softboot a locked powered on system.

I know about this problem, I want to use hardware-based encryption against 
unprepared/unskilled attackers, but if someone really want to get the keys, 
there'll allways be a way to do this when you have physical access to the 
hardware. For example, even if you use LUKS in addition to hardware encryption, 
the LUKS keys will be in the RAM and attacker can read them directly from RAM:

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to