-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Dec 12, 2017 at 10:25:18PM -0200, x9p wrote: > > On Tue, December 12, 2017 8:00 am, to...@tuxteam.de wrote: > ... > > That said, this kinds of attacks are so complex that [...] it > > possibly takes the resources of a nation-state [...]
> If a nation-state wanna play games with you, there are a lot of more > important things you should really care about... If they target *you* individually, yes, they have cheaper means at their disposal. That's called "rubber hose cryptanalysis"[1] -- not pretty. Or, as Schneier put it "the NSA is better at breaking knuckles than at breaking codes". Still, for an attack of the Natanz type, they seem to have picked the Stuxnet way, and you and me might end up as collaterals. > ps: > > ELF --> PE infection on FAT/FAT32/NTFS partition on same disk, unencrypted > (quite easy) > PE --> ELF infection on ext? partition on same disk, unencrypted (bit more > of work) Yes. Unencrypted is easy. Encrypted... well you have to stick to the (necessarily) unencrypted bit. Cheers [1] Or, as XKCD puts it, in a similarly charming way, "$5 wrench cryptanalysis" <https://www.xkcd.com/538/> - -- t > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlow4hAACgkQBcgs9XrR2kZFhgCdHSFMmz3D0FUNXiMfUbl+wGgV dPgAmQHNQKfQ6aP2/dAUmlajyx7lkoUN =aQ72 -----END PGP SIGNATURE-----
