fwiw, this is literally the point of TPM.
On 2016 Jun 21 (Tue) at 10:19:21 +0300 (+0300), Theodoros wrote:
:Could someone trust a bootloader by e.g. having an aide-like system on
:boot, confirming its authenticity as part of the boot process?
:
:Please share your thoughts.
:
:
:
:On 20 June 2016 at 14:36, Ivan Markin <t...@riseup.net> wrote:
:> Bodie:
:>> What is that security reason worth of not using default full disk
:>> encryption?
:>
:> Have a look at e.g. Evil Maid Attack [1]. One may want to bear a trusted
:> bootloader with themselves and leave raw full-encrypted drive in some
:> 'hostile' environment.
:>
:> [1] https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html
:>
:> --
:> Ivan Markin
:

--
The only really decent thing to do behind a person's back is pat it.