by throwaway7767
3380 days ago
You modify the bootloader to grab the password on next decryption. The bootloader is in cleartext on the disk, otherwise the machine couldn't boot. More advanced versions would involve modifying the BIOS to add a SMM-mode hook. That way the malware runs completely outside the view of the OS. Alternatively, any device with DMA access could have its firmware altered to read sensitive information from memory. Physical security is an unsolved problem.

Mine isn't - I have GRUB installed to my BIOS chip, and I decrypt the single encrypted partition from there.
>More advanced versions would involve modifying the BIOS to add a SMM-mode hook.
That one could still get me though, yeah.