-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Dec 12, 2017 at 05:09:59AM -0500, Anil Duggirala wrote: > Think for yourself a bit: technically it is perfectly possible. The > > Linux partition is accessible from windows and, given some sort of > > library for "understanding" the file system (probably ext4), files > > can be modified this way. Vice-versa, the windows partition will be > > accessible from Linux. > > Yes, that is what I am thinking. I have often accesed (viewed) Windows > files from linux but not the other way around. I trust 10 times more on > Linux security than in Windows, thus having dual-boot in my mind, > diminishes my security ten-fold. Is there any safeguard in Windows (or > in Linux) to avoid this access to a different partition?
Well, in Linux you've to be root to mount a partition (if you are using a desktop environment, this fact is somewhat "cloaked" by PolicyKit and friends). On Windows there'll be a similar mechanism, likewise watered down by some convenience wrapper. > > So in both cases, and given enough access rights, software can modify > > the respective "other side". Only perhaps full-disk encryption (and > > using different keys on both sides, and being particularly suspicious > > when you get asked for the "wrong" key) might help you here. Except... > > there's the unencrypted boot partition (cf. "evil maid attack"). > > How does the boot partition play a role here? Is the software planted in > Windows (or Linux) and then executed at boot? That's the idea. In its simplest form, it would "impersonate" the dialog asking you for your encryption passphrase (up to that point things have to be unencrypted, remember[1]) and then, say phone home giving away your passphrase. Read on "evil maid attack"[2] (a stupid name, but which has become somewhat standard in the field). [1] Unless you have some help from the hardware. But given the last news on Intel's Management Engine, it's not really clear who that hardware is helping (it just seems clear it's not the user, though). [2] https://en.wikipedia.org/wiki/Rootkit#Bootkits > thanks very much. You are welcome :-) Cheers - -- t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlovrwIACgkQBcgs9XrR2kZa+QCfdmSVblwgpm8j1UaUoGEhmMXK 4e0AnjKWy+Ye8Zssn53+PY66QzrGcgCM =MA/w -----END PGP SIGNATURE-----
