On 12/19/2015 08:59 AM, Joe Pfeiffer wrote:
Michael Fothergill <michael.fotherg...@googlemail.com> writes:
I noticed some articles suggesting that there is a security problem in
grub2.
E.g.
http://thehackernews.com/2015/12/hack-linux-grub-password.html
Is there any substance to this?
Yes, for the microscopic proportion of people who put a password on
their bootloader in the first place,
+1
(I had never heard of GRUB usernames/ passwords before today. That
sounds like more of an annoyance than security.)
A good defense against an attacker with physical access is LUKS
encryption on all partitions except /boot. Be sure to buy CPU's with
AES-NI.
Another, additional, option is self-encrypting drives (SED), which are
operating system agnostic and protect the entire contents of drive with
zero CPU overhead.
David
