Hello,

On Nov 3 19:41 Carlos E. R. wrote (excerpt):
> An attack that destroys the user data files is horrendous. If it destroys the system, it is simple to format and recover the system, even without having a backup. It just takes time.
I do not fully agree. An attack that destroys user data is only an annoyance. It is simple to detect and simple to fix by restoring the backup. But I do agree that an attack that destroys the system is only an annoyance (simple to detect and fix).

The worst case is an attack that reads (steals) secrets.

My basic question is whether or not there is nowadays "appropriate stuff" that can be used to protect user data even from being read by root, so that malware that runs as root cannot read the protected user data.

Because I am talking about a usual end-user system, I mean when malware runs as root while at the same time the end-user is using the system.

I think on a usual end-user system it is nowadays not possible to protect the user from root because root could always eavesdrop on all user input via whatever changes in the basic system (e.g. a keylogger in the kernel).

Or might perhaps "UEFI Secure Boot" help here? I am thinking about Lennart Poettering's talk at FOSDEM 2015 about adding Gummiboot to systemd to complete the safety chain of the boot process with UEFI Secure Boot.

Kind Regards
Johannes Meixner
--
SUSE LINUX GmbH - GF: Felix Imendoerffer, Jane Smithard, Graham Norton - HRB 21284 (AG Nuernberg)