kravietz 🦇  

Just had an interesting question from a colleague who has a notebook and works remotely from random places:

> I've got full-disk (FDE), what else I can do for ?

1+
Sheogorath :si_blobfox:  

@kravietz Set a grub password!

Use OpenSCAP Workbench with the proper profile for Ubuntu, Fedora or CentOS to check compliance.

Full set of instructions (one might want to select just a few, but still):

access.redhat.com/documentatio

I guess that should already help a lot :)

1
kravietz 🦇  

@sheogorath But will Grub password protect from evil maid attacks such as this one? github.com/nyxxxie/de-LUKS

Because the main problem is that in Ubuntu the bootloader is loaded from an unencrypted partition, which can be modified off-line...

1+
Nikola Lakić :arch:
Follow

@kravietz
This is really something to be worried about, I have my partitions encrypted by LUKS :(
@sheogorath

· · Fedilab · 0 · 0 · 1
Sign in to participate in the conversation
Mastodon 🔐 privacytools.io

Fast, secure and up-to-date instance. PrivacyTools provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on OpenCollective, many contributions are tax deductible!

Resources

Developers

What is Mastodon?

social.privacytools.io

More…