I’m starting a project in which I want to create a network appliance using BeagleBone Black. I want to be able to boot Linux (/ partition) from the on-board storage (should be no problems there, I think) and have things like the /etc, /var, /home and other sundry partitions located on the SD card, which I want to run encrypted. I want to do this because that way I can give my appliance software (which will live on the SD card) copy protection by virtue of being encrypted.
Now here’s the interesting bit…as this will be an appliance, it will run headless, so the encryption/decryption will have to pick up passphrases, keys, etc., without user intervention. I can see this working OK, as the core OS will be running unencrypted, and I can run a shell script in the / partition which has booted to allow decryption of the SD media…at least I think I can do that…
Anyone got any experience or comments? Is what I’m suggesting possible (or stupid?)
Thanks for any pearls of wisdom!!
Encryption is doable but will not accomplish what you want. You want to encrypt your filesystem, but you need to decrypt it automatically. Whatever your system will be doing on bootup to decrypt can also be done by hand by someone who gets hold of your SD card. The secure systems do it by having private keys in secure storage that is accessed by a secure bootloader, which is not available on the BBB. Concentrate on designing an amazing system and executing it really well, not on IP protection :)
It’s not so much protection of IP as protection of the user…The appliance is complex, and I am trying to keep people with no Linux skills from doing anything other than via a Web GUI…If they can only get into the device through a webserver, I have a better chance of controlling what they do
You mention a secure bootloader…can you suggest any good documentation? I have Googled, and I have found some stuff on “shim” and the UEFI bootloader from the Linux Foundation, but I’ve not located much documentation…probably because they are apparently new…any info you can give would be appreciated!
Secure boot requires more than just software; it has to be a complete software/hardware setup that covers every step in the boot process, starting from the initial reset vector executing the primary bootloader, to the secondary, to loading and executing the OS image. This usually requires verifying cryptographic signatures on every new piece of software you bring in, and so it requires an elaborate development

Development boards such as the BBB do not do that, because all this signing of executables would make rapid development quite cumbersome. Even commercial systems rarely implement secure booting, although the new Windows 8 hardware spec requires a secure UEFI boot subsystem for PCs (it's optional for x86 and mandatory for ARM). If you're serious about this requirement, maybe you should look at the Microsoft Surface RT ARM tablet: MS is apparently willing to sign and allow third-party bootables, and since it seems to be a failed commercial project, you may be able to get them cheap in the future.
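The signature chain this reply describes (reset vector, primary bootloader, secondary bootloader, OS image, each piece verified before it runs), as an added example that is not part of the original thread and is not BeagleBone or TI code. It is a toy model in pure Python: the Ed25519 routines are a compact reference-style implementation (slow, not constant-time, for illustration only); the stage names, payloads and signing keys are constructed for the demo; and the "ROM" is a 32-byte public key pinned in a Python constant where a real SoC would have eFuses. That pinned root key is exactly the piece the earlier reply says the BBB does not have, and the last function shows why it matters: an image edited on the SD card is rejected whether the attacker keeps the old signature or re-signs it with their own key, because the previous stage pins the vendor's key.

```python
"""Toy verified-boot chain (ROM -> SPL -> U-Boot -> kernel). Each stage image
carries the public key that must verify the NEXT stage; the first key is the
one a real SoC holds in ROM/eFuses, which a dev board like the BBB lacks."""
import hashlib

# Minimal Ed25519, reference-style pure Python: slow, not constant-time, demo only.
q = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493   # order of the base point
d = (-121665 * pow(121666, q - 2, q)) % q
SQRT_M1 = pow(2, (q - 1) // 4, q)
def _xrecover(y):                    # x from y, choosing the even root
    xx = (y * y - 1) * pow(d * y * y + 1, q - 2, q) % q
    x = pow(xx, (q + 3) // 8, q)
    if (x * x - xx) % q:
        x = x * SQRT_M1 % q
    return q - x if x & 1 else x
_By = 4 * pow(5, q - 2, q) % q
B = (_xrecover(_By), _By)            # base point
def _add(P, Q):                      # twisted Edwards addition (a = -1)
    (x1, y1), (x2, y2) = P, Q
    t = d * x1 * x2 * y1 * y2
    return ((x1 * y2 + x2 * y1) * pow(1 + t, q - 2, q) % q,
            (y1 * y2 + x1 * x2) * pow(1 - t, q - 2, q) % q)
def _mul(P, e):                      # double-and-add scalar multiplication
    R = (0, 1)
    while e:
        if e & 1:
            R = _add(R, P)
        P = _add(P, P)
        e >>= 1
    return R
def _enc(P):                         # 255-bit y, top bit = parity of x
    return (P[1] | ((P[0] & 1) << 255)).to_bytes(32, "little")
def _dec(s):
    v = int.from_bytes(s, "little")
    y = v & ((1 << 255) - 1)
    x = _xrecover(y)
    if (x & 1) != (v >> 255):
        x = q - x
    if (-x * x + y * y - 1 - d * x * x * y * y) % q:
        raise ValueError("point not on curve")
    return (x, y)
def _scalar(sk):                     # clamped secret scalar + nonce prefix
    h = hashlib.sha512(sk).digest()
    return (int.from_bytes(h[:32], "little") & ((1 << 254) - 8)) | (1 << 254), h[32:]
def pubkey(sk):
    return _enc(_mul(B, _scalar(sk)[0]))
def sign(sk, m):
    a, prefix = _scalar(sk)
    pk = pubkey(sk)
    r = int.from_bytes(hashlib.sha512(prefix + m).digest(), "little") % L
    R = _enc(_mul(B, r))
    k = int.from_bytes(hashlib.sha512(R + pk + m).digest(), "little")
    return R + ((r + k * a) % L).to_bytes(32, "little")
def verify(pk, m, sig):
    if len(sig) != 64 or len(pk) != 32:
        return False
    try:
        R, A = _dec(sig[:32]), _dec(pk)
    except ValueError:
        return False
    S = int.from_bytes(sig[32:], "little")
    if S >= L:
        return False
    k = int.from_bytes(hashlib.sha512(sig[:32] + pk + m).digest(), "little")
    return _mul(B, S) == _add(R, _mul(A, k))

# Boot chain. Stage image = pubkey of next stage (32 bytes) || stage payload.
STAGES = [b"SPL: init DDR", b"U-Boot: load zImage", b"Linux: mount rootfs"]
KEYS = [hashlib.sha256(b"constructed demo key %d" % i).digest() for i in range(3)]
ROOT_PUBKEY = pubkey(KEYS[0])        # what a real SoC would hold in ROM/eFuses

def build_chain(keys, payloads):     # the vendor's offline signing step
    chain = []
    for i, payload in enumerate(payloads):
        next_pk = pubkey(keys[i + 1]) if i + 1 < len(keys) else bytes(32)
        body = next_pk + payload
        chain.append((body, sign(keys[i], body)))
    return chain

def boot(root_pubkey, chain):
    # Verify each stage with the key pinned by the previous one; stop at the
    # first failure. Returns (payloads that ran, whether boot completed).
    ran, pk = [], root_pubkey
    for body, sig in chain:
        if not verify(pk, body, sig):
            return ran, False
        pk, payload = body[:32], body[32:]
        ran.append(payload)
    return ran, True

def good_boot():
    return boot(ROOT_PUBKEY, build_chain(KEYS, STAGES))

def attacked_boot(attacker_key=None):
    # Someone with the SD card edits the U-Boot image, either keeping the old
    # signature (attacker_key=None) or re-signing with their own key. Both are
    # rejected: the SPL image pins the vendor's U-Boot key, not the attacker's.
    chain = build_chain(KEYS, STAGES)
    body = chain[1][0][:32] + b"U-Boot: load attacker.img"
    sig = chain[1][1] if attacker_key is None else sign(attacker_key, body)
    chain[1] = (body, sig)
    return boot(ROOT_PUBKEY, chain)
```

Running `good_boot()` returns all three payloads and `True`; both variants of `attacked_boot()` stop after SPL with `False`. The design point is that only public keys travel on the SD card: the secret keys are used once, offline, by `build_chain`, so nothing the headless device does at boot can be replayed by whoever holds the card.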