|
|
|
|
|
|
by nuvious
1755 days ago
|
|
|
Author here; #3 also defies the use-case for a duress word. The attacker is supposed to be presented with what appears to be a normal login scenario while in the background sensitive data is being scrubbed or even have the routines remove the pam-duress module completely so there's no evidence there was a duress routine in place. Real law enforcement agencies would also simply confiscate the device and hand it to a forensic team to pull a "golden image" from it to work with in lieu of a user session. |
|
|