Comment 23 for bug 1980018

W McElderry (wmcelderry) wrote :

To anyone thinking about using the scripts:

Be sure you understand the impact of the initrd not being measured before you deploy this solution on valuable data!

My explanation is that it means anyone who can write to your /boot directory can replace your initrd with a modified/compromised version and then access unencrypted files without any password.

As I understand it, the attacker would need to run the attack in a device with access to the TPM initially (they cannot just clone the disk and use another computer to decrypt it) [as christopher88hall commented]. And it could be said that this same attack would compromise many common system deployments!

Some may think of this as an upgrade over the next best suitable option for them (which could be an unencrypted filesystem) and others will think of it as a major downgrade just to avoid typing a password. It's a choice for each of us to take in our own way, but make sure you know what your decision is based on!

I'd hate for you to get a nasty surprise /after/ some malicious attacker just walked off with all your valuable data and you've potentially lost everything...

Much better to read about it first if there's any doubt in your mind and work out if this is better or worse than you currently have!

From christopher88hall's comments, I suspect he has it straight already, but ultimately his decision is between him and his data security policies.