AMD64: Something's missing?
Evan Langlois
evan at ddos.com
Wed Oct 22 05:45:00 CEST 2003
> Encryption in boot process doesn't make sense to me.
> What you want to protect is the data in the storage, not the boot image
> (kernel).
> Encryption of the storage is OS's bussiness, and the OS will ask you the
> password before decrypting any data.
Don't assume the boot image is a Linux kernel!
The boot image in this case would be a proprietary piece of software for
real-time network filtering. The algorythm for which is patented
technology. A user-input encryption key doesn't make sense as the box
is stand-alone and does not have an operator. A simple encryption at
least stops someone from removing the drive (or flash disk) from the
system and reverse engineering it. Granted, they can get the key from
the ROM, but if they have to disassemble the ROM to do it, it might slow
things down.
It would at least be better protection than a non-encrypted system being
booted by the PC BIOS.
----
Evan K. Langlois
Melior, Inc.
iSecure - CyberWarfare Defense
www.dDoS.com
Tel: (888) 4 MELIOR or +1-214-421-5975
Fax: (888) TO FAX US or +1-214-421-5951
Mobile USA: +1-214-315-9825
This email is intended for the addressee only.
The material may be privileged and may contain confidential
information.
If you have received this email in error, please notify Melior, Inc.
immediately
by email and delete the original. Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20031022/8adb6529/attachment.html>
More information about the coreboot
mailing list