On 9/7/2018 3:06 AM, Paddy Landau wrote:
> If you are arguing that /boot shouldn't be encrypted, this is a direct
> contradiction of what you wrote earlier that malware can be loaded into
> the ESP; so why couldn't malware be loaded into /boot?
It can. Encrypting it does not stop that.
> Please would you explain why you think that we should NOT encrypt /boot?
> The rest of us here are mystified; we should encrypt as much as possible
> in order to increase the barriers to black hats.
Because encryption does not prevent tampering. It protects private
data. With no private data in /boot, there is no need to protect it.
On 9/9/2018 5:40 PM, Javier Paniagua Laconich wrote:
> Well, not entirely correct. Encryption is also for tamper resistance, so it is still very useful even if nothing in /boot is private.
No, it isn't.
This belief that encryption prevents tampering strikes me as similar to
people thinking that RAID is a substitute for backups.
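
The confidentiality-versus-integrity distinction argued in this message, as an added example that is not part of the original email. The toy SHA-256 keystream cipher, the keys, and the sample boot line are assumptions constructed for illustration, not what any disk-encryption tool uses; the point shown is that decryption alone raises no error on modified ciphertext, while a separate MAC check does.

```python
import hashlib
import hmac

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: SHA-256 in counter mode (illustration only)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt by XOR with the keystream. No integrity check."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))

def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes):
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    ct = xor_crypt(enc_key, nonce, plaintext)
    return ct, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_sealed(enc_key, mac_key, nonce, ct, tag) -> bytes:
    """Verify the tag before decrypting; refuse modified data."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed")
    return xor_crypt(enc_key, nonce, ct)

def demo():
    # Constructed keys, nonce and sample content (hypothetical values).
    enc_key, mac_key, nonce = b"E" * 32, b"M" * 32, b"N" * 12
    original = b"linux /vmlinuz root=/dev/mapper/root ro quiet"
    ct, tag = seal(enc_key, mac_key, nonce, original)

    # Stand-in for any change to the stored bytes: one bit differs.
    modified = ct[:-1] + bytes([ct[-1] ^ 0x01])

    # Encryption only: decryption succeeds and returns altered content.
    silently_accepted = xor_crypt(enc_key, nonce, modified)

    # Encryption plus MAC: the same change is rejected.
    try:
        open_sealed(enc_key, mac_key, nonce, modified, tag)
        detected = False
    except ValueError:
        detected = True
    return original, silently_accepted, detected

if __name__ == "__main__":
    print(demo())
```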