Security Basics mailing list archives
Re: Laptop - Full Disk Encryption? (Booting defeats FDE)
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 6 Dec 2007 17:19:17 +0100
On 2007-12-06 Tim A. wrote:
Here's a crazy idea: Run a Virtual Machine inside a TrueCrypt volume. The VM cannot even be opened until the TrueCrypt volume is mounted. *Everything* is encrypted, paging file / swap file, OS and User right down to your CMOS and boot blocks. How will it preform? Good question. Give it a shot.
Performance issues aside, an attacker will still be able to manipulate the host operating system, which in turn will be able to manipulate the guest operating system once the VM is started. Virtual Machines are designed to protect the host OS from the guest OS, *not* vice versa. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Tim A. (Dec 06)
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Ansgar -59cobalt- Wiechers (Dec 06)
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Tim A. (Dec 06)
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Ansgar -59cobalt- Wiechers (Dec 06)
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Tim A. (Dec 06)
- <Possible follow-ups>
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Rob Thompson (Dec 06)
- Re: Laptop - Full Disk Encryption? (Booting defeats FDE) Ansgar -59cobalt- Wiechers (Dec 06)