For those of you who are using linux: Are you using secure boot? I.e. is your bootloader configured to only decrypt your disk and boot your OS, while blocking all “booting from USB stick” and such?
I’m asking because i’m considering a very specific attack vector, through which a sufficiently skilled agent (e.g. FBI, CIA) could install a keylogger into your OS and get access to your sensitive data that way, even when your disk is encrypted and without your knowledge.
Nothing else about me is secure, why should my boot get to be?
You want AIDS? That’s how you get AIDS
I don’t get this joke, but it made me laugh anyway. Upvote.
Boot not secure = Unprotected buttsex
I guess that all tracks. Me and my computer do both love butt sex.
I never even used it on Windows.
A partial solution to this evil-maid attack vector is Heads firmware (a replacement for the bios/uefi itself), which lets you sign the contents of your unencrypted boot partition using a gpg key on a hardware token, and verify the integrity of the firmware itself using a totp/hotp key stored in the tpm.
All the benefits of secure boot, but you get to control the signing keys yourself instead of relying on a vendor. It’s great stuff.
this is exactly what i was looking for.
If someone can plant a camera somewhere that they can see your keyboard, they can probably obtain your password.
good point. I hadn’t even considered the whole USB keylogger problem.
no. Full disk encryption is enough to protect my privacy from anyone stealing my computer/disks, it’s what matters to me.
If some secret agency want to access said data, they would just need to ask me, with a smile and a nice warrant. At least here in France, not complying is severely punished.
Keep your OS updated, make regular backups, use full-disk-encryption, and nuke and pave whenever things get cluttery. You’ll be alright.
Were it me and I just went through a TSA screening and they took it and returned,… I may nuke the laptop.
If I had that sort of threat model and let the government get their hands on my computer, I would never trust the hardware again. Too many components with their own SoCs containing firmware blobs where an exploit could lurk and reinfect even after a ‘nuke.’ GPUs, disk controllers, WiFi chips, etc.
Good thinking, shoot it with a 12ga slug.
but seriously, time and sense are a factor there. A few seconds? In front of me? I’d waver that action under a few conditions.
Nope. Things break on my system when it gets turned on. I just updated the BIOS last week, which somehow resulted in it getting turned back on. That silently broke my graphics card driver and it took me like an hour to figure out what was going on since there was no obvious error message.
no
Unless you run your mobo with a password (no one really does), the attack vector always exists by disabling secure boot physically; and even the BIOS password could be reset through ways so I don’t really see the point in secure boot.
Secure boot can be made secure in principle. The internal disk is encrypted, the bootloader stores the cryption key internally. When you change which OS is booted, the bootloader refuses to give out the key or deletes the key altogether. For one, you would immediately noticed that your OS was tampered with. For two, even when an alternative OS manages to boot, it can’t read your data.
I’ll enable FDE during the install for systems with sensitive data, but I don’t bother with secure boot. If I were deploying machines in unsecured areas (i.e. not my house) that also had sensitive data on board, I might look into it.
I don’t see it as necessary. I have full disk encryption set up, which is sufficient to protect my data at rest. Even if I had secure boot set up, a sufficiently skilled agent could physically install a USB sniffer in my keyboard, flash a malicious BIOS to my motherboard, or just install a hidden camera to watch me type my password. And many TPMs have vulnerabilities that I’m sure government agencies are able to exploit.
I just assume they can do that without physical access.
look up CIS Benchmark for your OS and it will tell you how to harden your linux system against intrusion
If it’s a state level actor it probably won’t make a difference if they’ve had physical access to the device.
Well, I’m running Asahi Linux on a Macbook which can’t boot from USB even if I wanted to.
However, if you’re really worried about state-level threat actors, like FBI or CIA, I don’t believe there is much you could do to protect yourself anyway. They likely have entire catalogs of unpublished and undisclosed side-band attack exploits they could draw from to gain access to your machine and execute a privilege escalation to install whatever they want.
