Jump to content

mildparanoia

Members
  • Posts

    3
  • Joined

  • Last visited

  1. Hello, I installed Armbian 22.05.3 Jammy on a Rock Pi 4A+. Unfortunately 3 out of 4 USB ports do not work; only the USB 3.0 OTG port works. I tried using the Debian Buster download from Radxa, and all four ports work. Any suggestion on how to fix this with Armbian?
  2. Hi, MMGen, thank you for your contribution here. I have a Rock Pi 4A+ and am trying to install Armbian to the eMMC module, fully encrypted. After running your script for /dev/mmcblk1 (the eMMC module) I am getting the following error: armbian_rootenc_setup.sh:841: copy_system_root() failed at command 'cryptsetup luksOpen "/dev/$ROOT_DEVNAME" $ROOTFS_NAME' I tried to unlock it manually but it doesn't work: cryptsetup luksOpen /dev/mmcblk1p2 temp No key available with this passphrase. (Yes I did use the correct key which I entered during the setup script's prompt) Any suggestions on how to fix this? Found the problem; the script isn't creating the encrypted partition correctly. If I make the luks partition manually, the script works.
  3. What do you think about SBCs as the preferred platform to handle encrypted/sensitive/classified data? The threat model would be for frequent travelers, against things like evil maid attacks on laptops left in a hotel room or while the laptop is separated from you during travel. The sensitive data would be kept on an encrypted portable hard drive. It would be decrypted and mounted by the SBC, which only allows login via SSH from your laptop's public key. SBCs have a number of benefits over desktops and laptops, namely: Its hardware is plainly inspectable and difficult to tamper with. Unlike desktops or laptops which are vulnerable to evil maid attacks, you may leave an SBC even in the hands of an evil maid, but doing some reverse-engineering to solder on a hardware bug while not being noticeable or adversely affecting the function of the SBC will be challenging. In a desktop or laptop, how often do people go inspect the hardware for keyloggers or side-channel attacks like this? https://hackaday.com/2022/07/22/satan-turns-hard-drive-cable-into-antenna-to-defeat-air-gapped-security/ It will be difficult for an evil maid to alter the O/S on a microSD card in your pocket Even if someone manages to install spyware on your O/S, the very nature of SBC O/Ses is that they are portable (on a SD card) and can be re-written easily with a fresh image
×
×
  • Create New...