
Poettering: Authenticated Boot and Disk Encryption on Linux

Thursday 23 September 2021, 17:35, by LWN.net
Here's a
lengthy missive from Lennart Poettering taking Linux distributors to
task for inadequately protecting systems from physical attacks.

So, does the scheme so far implemented by generic Linux
distributions protect us against the latter two scenarios?
Unfortunately not at all. Because distributions set up disk
encryption the way they do, and only bind it to a user password, an
attacker can easily duplicate the disk, and then attempt to brute
force your password. What's worse: since code authentication ends
at the kernel — and the initrd is not authenticated anymore —,
backdooring is trivially easy: an attacker can change the initrd
any way they want, without having to fight any kind of protections.

The article contains a lot of suggestions for how to do things better.
https://lwn.net/Articles/870194/rss