[U-Boot] secure embedded linux system
Mahendra Dobariya
mahendra_mahendra at hotmail.com
Fri May 30 12:55:18 CEST 2014
thanks for replying..I think , if I encrypt entire rootfs , and embedded decryption key in uboot (at the time of compiling uboot)..it can be protected ...what is your suggestion..?I have never work with uboot..so that I need help to embedded decryption key to uboot to load encrypted rootfs..best regards.Mahendra
> To: mahendra_mahendra at hotmail.com
> CC: u-boot at lists.denx.de
> From: wd at denx.de
> Subject: Re: [U-Boot] secure embedded linux system
> Date: Fri, 30 May 2014 11:40:43 +0200
>
> Dear Mahendra Dobariya,
>
> In message <BAY176-W171CCC856593BA0F7380DC90240 at phx.gbl> you wrote:
> >
> > hello,,I am from India.I am electronics hobbyist.currently I am using
> > beaglebone black in my project.and I am afraid of security of linux
> > systemits quite easy to copy or modify data from linux system if it
> > has physical access.lets say ,I have BBB , and I boot it from
> > external device(like external mmc ). and mount internal emmc then
> > modify shadow file. and then boot from internal Emmc. now I will get
> > root access , and I can modify anything on the system.
>
> If you cannot prevent physical access, you cannot prevent one from
> taking full control over your hardware. If needed, I'll attach a JTAG
> debugger and run my own version of U-Boot that circumvents all security
> measures you installed in yours.
>
> Best regards,
>
> Wolfgang Denk
>
> --
> DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
> HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
> Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
> There are three things I always forget. Names, faces - the third I
> can't remember. - Italo Svevo
More information about the U-Boot
mailing list