The drawers are the best everywhere. RadioShack? Component drawers. Home Depot? Fastener drawers. On and on.
fmstrat
I wonder if it's so you can get a calendar of usage tines. Could be handy to ensure kids are brushing for the right amount of time?
I have the same box fan
Sometimes it's to artificially narrow the lane to slow traffic. That's what they did here.
But.. your original comment is just.. wrong?
This isn't a critical security flaw unless you have the worst partition scheme on your encrypted volumes imaginable.
The default LUKS partition scheme is vulnerable.
It's not even a process flaw at that point, just "possible".
There is a successful POC, it is a flaw.
you can compromise disks once encrypted because everything is happening in an in-memory boot process.
This is not just in-memory. This is modifying the unencrypted part of initramfs on disk. Powering off the machine does not remove the exploit.
You always "boot something that is unencrypted." You then "mount" the encrypted volumes and load the OS.
This is how people can put an SSH server (dropbear) in initramfs so they can unlock remotely.
The attack is to initramfs, not the encrypted layer.
The order'ish:
- Boot
- Initramfs loads, gives you the LUKS prompt
- Initramfs decrypts/mounts OS
- OS loads
I'm confused.
Initramfs is unencrypted in /boot when using LUKS with RAID. It has to be, right?
The attacker uses a debug shell to modify the unencrypted boot, so the next time you boot and type your LUKS password, they can gain access.
This doesn't line up with your comment?
Everyone is waiting for this. There needs to be a party.
A fun conversation starter is always "So do you have an internal monologue?"
Agreed, and unfortunately articles like this are food for CEOs to do more under the guise of AI. "See, it works!"
Fry's. Some Microcenters. Al Lashers.