> interesting but threat model unclear. If the attacker can force you to > enter one password after suspend, why would he not force you to enter > LUKS and user password 5 minutes later?
There are a lot of more attack vectors when system is booted and only protected by xscreensaver. The attacker can use some hardware backdoors, xscreensaver bugs/backdoors/kill it to receive access: dump your memory on hardware level, receive access to memory from vulnerable hardware, guess screensaver password etc. If the system will automatically shutdown then there is only one attack vector: LUKS password пятница, 30 октября 2020 г. в 07:54:14 UTC, haa...@web.de: > On 10/29/20 11:06 PM, evado...@gmail.com wrote: > > Proof of Concept. > > > > github.com/evadogstar/qubes-sleepkeeper > > > > Qubes-Sleepkeeper protects you from physical attack when the attacker > > force you to enter the password of your Qubes after it wakeup from sleep > > or from password guessing after wakeup. The attacker have very limited > > time to do so or Qubes will shutdown automaticaly. > > Interesting but threat model unclear. If the attacker can force you to > enter one password after suspend, why would he not force you to enter > LUKS and user password 5 minutes later? Please explain. Rather an evil > maid "attempt detection" (not protection) by "laptop is down instead of > sleeping"? I think it really could help as additional data protection in > case of normal, criminal theft... > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/33d0fc92-a43f-4568-8626-ce3e2761518bn%40googlegroups.com.
