Date: Wed, 15 Sep 2004 19:17:33 -0700 (PDT)
From: ctodd@chrismiller.com
To: Peter Pentchev <roam@ringlet.net>
Cc: Frank Knobbe <frank@knobbe.us>
Subject: Re: Booting encrypted
Message-ID: <Pine.BSI.4.58L.0409151855130.8383@vp4.netgate.net>
In-Reply-To: <20040916010317.GN1001@straylight.m.ringlet.net>
References: <200409072022.i87KM7Kf049770@wattres.Watt.COM> <20040916010317.GN1001@straylight.m.ringlet.net>
> On Wed, Sep 15, 2004 at 07:30:19PM -0500, Frank Knobbe wrote:
> > On Tue, 2004-09-07 at 15:22, Steve Watt wrote:
> >
> > Seriously though, tying the boot process to a hardware-dependent value
> > that is not accessible from within the booted system might be something
> > to consider.
>
> One word that Bruce M. Simpson already mentioned: TCPA :)

First let me say thanks, this is the kind of outside-the-box thinking I'm looking for.

My main objective is to prevent someone from removing the drive and mounting it from another *nix system and turning it into a unix toy (turning on shell access, etc.), which it's not designed to be, as well as getting at the application and configuration. Having the encryption done by the loader in such a way that the key cannot be derived protects the entire filesystem from tampering. Nothing this appliance is going to be doing requires super fast disk I/O, so encryption is not an issue. In fact I've even considered using flash instead of a drive, but the same issue is there.

I think what TCPA does has its application, but I'm not too concerned about the disk being booted from other hardware, or the hardware being scavenged for other projects. TCPA sounds like something useful for the internet tablet PCs of "the boom" that were sold at a loss to be made up by a subscription to a service. Many of these were purchased for the hardware (~$200) and hacked for geek projects :-).

Chris