Collaborate Disseminate
I’m trying to understand how shim is considered secure.
Shim is a signed bootloader that allows to load any image (at a fixed path in the EFI System Partition) as long as its hash is added to a MOK (machine owner’s key) list, which is stor… Continue reading Is shim secure if new MOK entried can be added without a password?
I gave my laptop for repair to a technician now I suspect he might have copied my files to another pc by probably plugging in my SSD to other devices. I already tried checking the properties but idk why my access time is getting set to the… Continue reading Is there a way to find the devices my SSD was plugged in?
What can I do to check a potential "evil maid attack"?
Continue reading How to check if someone used my desktop or any other device
I’m in the process of figuring out an encryption strategy for a personal Linux system.
My laptop is almost always on, or in sleep mode, except for longer travels.
My main threats are theft of my laptop while powered on, and evil maid.
It i… Continue reading How to protect files in use on a system powered on from physical theft or tampering?
UPDATE : i know i modify the post significantly, will try to not do that anymore. Please read from scratch
Let’s imagine we have a machine that holds customer private keys to various crypto assets, that is vital to secure and should it be … Continue reading Theoretical unbreakable security for a single compute instance/machine [closed]
How can I create a fake desktop environment and file system, that automatically starts as default when booting up, and may be exited out of by doing a specific action? (Like a keystroke) to prevent physical access?
Continue reading Preventing low-skill physical access by creating fake desktop environment
Is there a honey pot that displays a fake desktop environment, file system etc, for physical attackers?
I had a card like a credit card that I used to use for work. It was an ID card, and it had an access code, a swiper, a barcode, my picture, my name, my rank, my license, the name of the company, and the address of the building where my com… Continue reading Shred, cut, melt, smash, grind, then flush, is it secure disposal of a security access id card?
I’ve got a t450 thinkpad and am under a targeted attack most likely by physical contact with my device (shared house).
I need to format all my partitions but first preferably mount them on a chrooted session to copy some desirable files, s… Continue reading Need expert help regarding a long term targeted attack,mount infected partition safetly and other security questions [Thinkpad T450] [closed]
I have physical access to a Linux computer (Ubuntu 20.04). My colleague asked me what an attacker could do if he had physical access to this computer?
I would like to know if, by default (after a fresh installation), it is possible to plug… Continue reading What can an attacker do with physical access to a Linux server?