[–] ImSureImPerfect [S] ago 

So the bootloader is a potential vulnerable spot then? Interesting.

When you say bad for performance, do you mean it's not encrypted well enough? Or that it slows down the PC? What kind of bad are we looking at?


[–] Fuckery 0 points 2 points (+2|-0) ago 

Even with perfect full disk encryption there is this. For absolutely perfect protection, you are going to have to rig a thermite charge with a battery backup and auto ignition criteria.


[–] ImSureImPerfect [S] 0 points 1 point (+1|-0) ago 

Jesus. That seems like a little much, but I guess if we're talking about perfect protection it might be the only way.

I'm suddenly very glad that I don't need encryption so good that it's backed up by thermite.


[–] e0steven 0 points 1 point (+1|-0) ago 

True, however that was in very controlled circumstances. The RAM chips have to be either physically removed or very quickly chilled in order to extract the key. Possible, yes. Really feasible? Um, no.


[–] VimTsar 0 points 1 point (+1|-0) ago 

This works only if the system was on in the previous 3-5 minutes. And even then it's not 100% effective. A keylogger, malware or social engineering might be more effective in most cases.


[–] xyzzy 0 points 2 points (+2|-0) ago 

> So the bootloader is a potential vulnerable spot then?

I wouldn't say it's vulnerable, but readable.

> When you say bad for performance, do you mean it's not encrypted well enough? Or that it slows down the PC? What kind of bad are we looking at?

It slows down, since every file read from disk has to be decrypted and only part of them remain cached in the RAM. So reading from disk is slow and uses CPU power.


[–] ImSureImPerfect [S] ago 

Assuming you had a strong PC - say, one designed to be powerful enough to do some serious multitasking, and to run some demanding software - this would be less of an issue then, yes?

Thanks for answering all of my nitpicky questions, by the way. This is probably the last one. My curiosity is getting pretty satisfied.


[–] NinjaKitteh ago 

You could have your /boot on a USB stick; that way you can be sure it has not been tampered with.