aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2016-07-03 11:00:56 -0300
committerSilvio Rhatto <rhatto@riseup.net>2016-07-03 11:00:56 -0300
commitce9fe1ed9ba8b567fd5150f03a4b3bb8e7e1d9ca (patch)
treed8f622d519af07ce2ff4c1861cd5c86e78d24bc1
parentc483c5f404811e4e46531c2d8ff64e4aceacce62 (diff)
downloadbootless-ce9fe1ed9ba8b567fd5150f03a4b3bb8e7e1d9ca.tar.gz
bootless-ce9fe1ed9ba8b567fd5150f03a4b3bb8e7e1d9ca.tar.bz2
Format threat model
-rw-r--r--index.mdwn6
1 files changed, 3 insertions, 3 deletions
diff --git a/index.mdwn b/index.mdwn
index 8289176..9ecc199 100644
--- a/index.mdwn
+++ b/index.mdwn
@@ -87,13 +87,13 @@ Check device/image signatures:
Threat Model
------------
-Does bootless mitigate all types of Evil Maid attacks? No:
+### Does bootless mitigate all types of Evil Maid attacks? No.
-1. It just reduces it attack surface by placing the bootloader away from the physical machine and recommending you to use Full Disk Encryption (FDE) to store your operating system, swap and data.
+1. It reduces the attack surface by placing the bootloader away from the physical machine and recommending you to use Full Disk Encryption (FDE) to store your operating system, swap and data.
2. Infection is still possible in plenty of unencrypted/unauthenticated software residing in the machine, such as BIOS, network firmware and potential backdoors such as Intel's AMT/ME.
-Additional mitigations:
+### Additional mitigations
3. For physical attempts to tamper with your bare metal, you might try to protect and monitor your perimeter.