On Thursday, December 5, 2019 5:35:09 AM MST Lennart Poettering wrote:
On Do, 05.12.19 04:30, John M. Harris Jr (johnmh(a)splentity.com)
wrote:
> Well, you are, in that the average attacker have to break or steal a key
> to decrypt the drive first. Sure, it wouldn't stop a sophisticated
> attack.
Not how this works.
It is. If you cannot decrypt it, you cannot modify it, nor even read it.
> This is not generally true either. Encrypting /boot helps to
ensure that
> /boot is not modified, and is generally paired with GRUB signature
> validation. In some setups, this GRUB configuration is moved to flash
> storage.
You are conflating integrity and confidentiality. If you want to
protect boot loaders against modification you want the former, not
necessarily the latter.
I am not conflating the two, though confidentiality inherently provides a
certain degree of integrity. If you want to protect boot loaders against
modification, you want *both*.
--
John M. Harris, Jr.
Splentity