Yes, a can of worms... But general direction would be nice...

Gabriel Gunderson gabe at
Wed Jul 15 10:44:54 MDT 2009

On Wed, Jul 15, 2009 at 9:20 AM, Andrew McNabb<amcnabb at> wrote:
>> Well, I guess if you had md5/sha1 sums (that you can trust) of every
>> file on your system and you're willing to go file-by-file and verify
>> them when mounted on a trusted system (*not* the one that was hacked),
>> then, maybe, you could sleep again at night knowing all is well.
> Even then, the kernel could be modified to lie about the contents of the
> files.  You really can't trust anything.

Right, if you read the above, you'll see that the suggestion is to use
a different system and *not* boot to the kernel of the hacked box.

I only point this out because I got 2 responses that start with "Even
then," and then go on to cover items that I already mentioned ;)


More information about the PLUG mailing list