On 2015-11-04 12:36, Johannes Meixner wrote:
Hello,
On Nov 3 19:41 Carlos E. R. wrote (excerpt):
An attack that destroys the user data files is horrendous. If it destroys the system, it is simple to format and recover the system, even without having a backup. It just takes time.
I do not fully agree.
An attack that destroys user data is only an annoyance. It is simple to be detected and simple to be fixed by restoring the backup.
Most people do not have a backup, or it is not recent enough. Even a week of work lost can be dramatic, if it happens at the /right/ moment.
But I do agree that an attack that destroys the system is only an annoyance (simple to be detected and fixed).
The worst case is an attack that reads (steals) secrets.
Yes. The email password can be key to open other doors, for instance.
My basic question is whether or not there is nowadays "appropriate stuff" that can be used to protect user data even from being read by root so that malware that runs as root cannot read the protected user data?
Telcontar:~ # l /run/user/1000/gvfs ls: cannot access /run/user/1000/gvfs: Permission denied Telcontar:~ # ??
Because I am talking about an usual end-user system I mean when malware runs as root while at the same time the end-user is using the system.
True.
Or might perhaps "UEFI Secure Boot" help here?
Dunno. I have seen schemes to thwart that. Mostly social engineering, if I remember right. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)