Sounds silly. Because if 1) the attacker has physical access, AND 2) there is no secure/trusted boot in place, then she could ALWAYS deploy an evilmaid attack (just remove the disk), regardless of silly GRUB authentications... #sigh https://twitter.com/josephfcox/status/968503797361315840 …
Aside from visible effect of reboot, it's similar to screen locker bypass. Just cut power momentarily then bs bs bs ...
-
-
Two unrelated points: (1) if you reboot you no longer have immediate access to encrypted fs (you backdoor, wait), so on laptop/desktop screen locker might be more relevant than bootloader password; (2) on some servers bootloader password is relevant to mitigate IP-KVM compromise
-
Yep, agree with both. I was thinking of case without encrypted fs or even bootloader pass.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.