On Mon, 2012-06-04 at 10:34 -0400, Michael Mol wrote: > On Mon, Jun 4, 2012 at 9:33 AM, BRM <bm_witn...@yahoo.com> wrote: > >> From: Michael Mol <mike...@gmail.com> > > > >>On Sat, Jun 2, 2012 at 10:04 PM, BRM <bm_witn...@yahoo.com> wrote: > >>>> From: Michael Mol <mike...@gmail.com> > >>[snip] > >>> In theory that's how key signing systems are suppose to work. ... > >>I see something like SecureBoot as being useful in corporate and > >>military security contexts. I don't see it lasting in SOHO > >>environments. > > > > > >... > > And here's a use case that might seem worthwhile...Say you've got > hardware with SecureBoot. Now, you don't run Windows, so you don't > care about the UEFI BIOS having Microsoft's key. Instead, you're a > Linux guy, and you're very privacy conscious; perhaps you're a > security consultant or contractor. Or perhaps you're worried about > corporate espionage. Or perhaps you're simply afraid of governments. > > You can flush Microsoft's key from BIOS and insert your own. Sign your > bootloader, kernel and initramfs. Set up your / filesystem to be fully > encrypted. And configure things such that if BIOS isn't operating in > SecureBoot mode with your key, it won't even mount and decrypt your / > filesystem. > > You've just denied access to any existing forensic tool which would > either examine your hard disk or operate as a rootkit. The only thing > that's going to get your data is a live inspection of your RAM > (tricky! but doable.) or a rubber hose. > ...
We have a security researcher at work who specialises in the forensics side - expert witness in court and does data retrieval etc ... I dont think he has had anyone seriously try to hide anything yet, but if the above becomes common in the non-law abiding set, the govt will have it back doored or dissappeared (banned from sale or heavily controlled). "Think of the children ..." which is overused here in Oz comes to mind. Providing tools to strip cell phone data and PC hard disks seems to be a popular/profitable business to be in at the moment :) BillK
