Context Navigation

← Previous Ticket
Next Ticket →

Ticket #207 (new task)

Opened 2 years ago

Harden Live CD kernel

Reported by:	jcrofts	Owned by:	lars
Priority:	lowest	Milestone:	Wishlist
Component:	live-cd	Version:	cryptobox-live-cd 03.1
Severity:	minor	Keywords:	harden, kernel
Cc:

Description

Eventually it might make sense to work on making the Live CD kernel more secure, protecting against "cold boot" and other hardware-based attacks. These attacks can't be stopped entirely, but there are known techniques that can mitigate them.

Here's one website that links to some more common kernel hardening patches. http://www.securityfocus.com/infocus/1539

A note could also be added to the documentation that users who need relatively high security should turn "fast boot" or similar options off in their BIOS. This will cause the BIOS to perform a destructive memory test on most/all of RAM on startup, making "cold boot" attacks on secrets stored in RAM before the reboot MUCH more difficult.

Attachments

Add/Change #207 (Harden Live CD kernel)

Author

Your email or username:

Comment (you may use WikiFormatting here):

Change Properties

Summary:
Type:	Priority:
Milestone:	Component:
Version:	Severity:
Keywords:	Add/Remove from Cc:	<Author field>

Action

leave as new

resolve as The resolution will be set. Next status will be 'closed'

reassign to The owner will change. Next status will be 'new'

accept The owner will change to anonymous. Next status will be 'assigned'

Anonymous users are allowed to post by adding 1 and 10

Note: See TracTickets for help on using tickets.