On Mi, 29.09.21 12:47, Leon Fauster (leonfaus...@googlemail.com) wrote:
> > Encryption is not authentication.
> >
> > Not sure why you would encrypt your boot loader though? The boot
> > loader code is hardly a secret, is it? It's the same for everyone and
> > open source.
> >
> > And with which
On 28.09.21 23:13, Lennart Poettering wrote:
On Di, 28.09.21 19:44, Leon Fauster (leonfaus...@googlemail.com) wrote:
Hallo Lennart, corresponding to your last post about FDE:
On an EFI system - would an encrypted "/boot" or /boot on
an encrypted "/" filesystem eliminate the mentioned main
Hallo Lennart, corresponding to your last post about FDE:
On an EFI system - would an encrypted "/boot" or /boot on
an encrypted "/" filesystem eliminate the mentioned main
attack vector? The whole chain would be authenticated.
firmware->shim->bootloader/grub2->{manual
On Di, 28.09.21 19:44, Leon Fauster (leonfaus...@googlemail.com) wrote:
> Hallo Lennart, corresponding to your last post about FDE:
>
> On an EFI system - would an encrypted "/boot" or /boot on
> an encrypted "/" filesystem eliminate the mentioned main
> attack vector? The whole chain would be