On 22/09/11 19:59, ved...@nym.hush.com wrote:
I'm booting from a dvd ubuntu install disk.
Yes, there are many threat models where operating from
a PC that is unknown to the attacker to be associated
with the particular target user will be easier to achieve
than preventing the attacker to subver
On 9/22/2011 4:51 PM, ved...@nym.hush.com wrote:
> I know only very limited stuff about this, but I thought that this
> was mainly to check that copies of windows were 'non-pirated', and
> has come under some criticism that they might be able to exclude some
> from running linux OS's ...
That's
Robert J. Hansen rjh at sixdemonbag.org wrote on
Thu Sep 22 22:07:07 CEST 2011 :
>The EFI/UEFI designers went to some lengths to harden the system
against malware -- unfortunately they could only harden it, not
immunize it.
I know only very limited stuff about this, but I thought that this
was
On 9/22/2011 3:59 PM, ved...@nym.hush.com wrote:
> Can these rootkits work when there is no mbr access?
Yes. In fact, EFI/UEFI is more or less a replacement for MBRs.
EFI/UEFI is almost the first thing through the CPU's brain upon booting.
There's probably some on-chip microcode that executes fi
John Clizbe John at enigmail.net wrote on
Thu Sep 22 21:20:16 CEST 2011 :
>You're also assuming no BIOS or UEFI rootkits :-)
>Whether that is or isn't a problem is up to you
Can these rootkits work when there is no mbr access?
I'm booting from a dvd ubuntu install disk.
No root information is a
ved...@nym.hush.com wrote:
> So, if , for example, in a case where I don't have my laptop with me, (but I
> do have a usb with gpg and keyrings, and a miniDVD with ubuntu),
>
> then, assuming there is no keylogger on the borrowed laptop, what
> is the problem with booting from the ubuntu miniDVD,
John Clizbe John at enigmail.net wrote on
Thu Sep 22 18:38:06 CEST 2011 :
> It can be done, but it's nontrivial. I think it's more like
Sisyphean IMHO :-(.
OK, thought so, ;-)
>You cannot secure "everything" necessary to securely run gpg (or
any >other program) from a USB stick.
>Please don't
On 9/22/2011 12:38 PM, John Clizbe wrote:
> probably be good to include msvcrt.dll as MinGW targets it.
Also so that you're not depending on the host machine's MSVCRT.DLL.
That .DLL is often targeted by malware: it makes such a perfect place to
drop hook functions.
(Putting that .DLL on the stick
ved...@nym.hush.com wrote:
>
> Thanks,
> I knew about the MSYS method, but not about the others,
> but my point was about running gnupg from a flash drive.
>
> I was under the impression that there is no portable way to do that
> on a flashdrive that doesn't have these systems installed on the
>Message: 9
>Date: Wed, 21 Sep 2011 22:44:26 -0500
>From: John Clizbe
>To: gnupg-users@gnupg.org
>Subject: Re: windows binary for gnupg 1.4.11 // compilation
> instructions posted
>Message-ID: <4e7aaf1a.1040...@enigmail.net>
>Content-Type: text/plain; charset=UTF-8
>
>ved...@nym.hush.com wro
10 matches
Mail list logo