[flopunctro]

I believe there is at least one case of compromise where a trusted liveCD will not help: a hardware keylogger connected on the keyboard circuit. (I think i saw this in some movie, and I liked the idea very much).

So even if your kernel is trusted, your network stack is trusted at all layers, your communications are cryptographically secure, the words you are writing can be seen by an attacker through this device. Perhaps in or near realtime.

[mhd]

Bring along your own keyboard? A good Model M doubles as weapon and/or body armor for the enterprising agent.

On a more serious note, while it's probably a bit harder to "infect" a system with, you probably can hook something up to the USB circuitry, in which case this wouldn't help.

Unless you continue the one-upmanship and have your HID transmissions encrypted on the hardware side, then it's just semi-random garbage for any logger. A software driver in the distro then makes it usable.

Something like that might even exist, for paranoid bluetooth users...

Edit: Silly me, bluetooth does feature encryption, of course. Not sure how strong/well implemented that is in the case of most keyboards.

[learc83]

Software keyboard for entering passwords would handle that. Of course there are other hardware attacks that would work.

But seriously, hardware compromised machines are much much less likely than remotely installed malware.