Article 5PX7M Poettering: Authenticated Boot and Disk Encryption on Linux

by corbet from LWN.net on (#5PX7M)
Here's a lengthy missive from Lennart Poettering taking Linux distributors to task for inadequately protecting systems from physical attacks.

So, does the scheme so far implemented by generic Linux distributions protect us against the latter two scenarios? Unfortunately not at all. Because distributions set up disk encryption the way they do, and only bind it to a user password, an attacker can easily duplicate the disk, and then attempt to brute force your password. What's worse: since code authentication ends at the kernel - and the initrd is not authenticated anymore -, backdooring is trivially easy: an attacker can change the initrd any way they want, without having to fight any kind of protections.

The article contains a lot of suggestions for how to do things better.
