On 10/21/2014 10:02 PM, Lennart Poettering wrote:
Maybe
that's actually a strategy to adopt here: upload the encryption keys
into the firmware as efi vars, and then pull them out on next boots or
so (assuming that efi vars can be marked to survive soft reboots
without making them fully persistent...)
Hmmm, surrendering your encryption keys to the only software
part which you do not have control on?
--
Roberto Ragusa mail at robertoragusa.it