Buchanan walks through his process of experimenting with low-cost fault-injection attacks as an alternative when typical software bugs aren't available to exploit.

  • LunchMoneyThief@links.hackliberty.org
    ·
    2 months ago

    It's a bit more nuanced even.

    If you have one-time physical access, then you have total access, permitting the storage is not encrypted.

    If you have recurring, undetected physical access, then you have total access.

    Ex: Dropping a script into someone's unencrypted /boot partition that captures the decryption credential, then coming back later to collect the credential and maybe also remove the evidence.