> Why not just have an alternate passphrase that, when entered, shuts down
> the PC (or, as you suggest, wipes the LUKS header)? Why a timer?
>
At least because it is not constant that attacker will ask you to do
something and will not begin dump your memory immediately.
--
You
On 10/30/20 5:51 AM, evado...@gmail.com wrote:
interesting but threat model unclear. If the attacker can force you to
enter one password after suspend, why would he not force you to enter
LUKS and user password 5 minutes later?
There are a lot of more attack vectors when system is booted and
if some someone want physical protection from torture. It is possible to
improve this concept and destroy LUKS disk header before shutdown. Then it
will be useless to torture.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
> interesting but threat model unclear. If the attacker can force you to
> enter one password after suspend, why would he not force you to enter
> LUKS and user password 5 minutes later?
There are a lot of more attack vectors when system is booted and only
protected by xscreensaver.
The
On 10/29/20 11:06 PM, evado...@gmail.com wrote:
Proof of Concept.
github.com/evadogstar/qubes-sleepkeeper
Qubes-Sleepkeeper protects you from physical attack when the attacker
force you to enter the password of your Qubes after it wakeup from sleep
or from password guessing after wakeup. The
Proof of Concept.
github.com/evadogstar/qubes-sleepkeeper
Qubes-Sleepkeeper protects you from physical attack when the attacker force
you to enter the password of your Qubes after it wakeup from sleep or from
password guessing after wakeup. The attacker have very limited time to do
so or