[lug] Installfest next Saturday.

[Nate Duehr]

bgiles at coyotesong.com wrote:

> 1) Debian now supports encrypted swap with an ephemeral key.  ("ephemeral"
> since a random key is selected every time you reboot the system.)  This
> should be a no-brainer -- there's a modest performance hit but it ensures
> that otherwise encrypted information and keys won't be leaked through the
> swap partition.

I don't get it.  Anyone gets into the box, they're accessing the swap 
partition through the unencryption - so what good is this?

> 2) The debian installer now supports LVM (iirc).  This makes it easy to
> create the partitions that you know you need to create for security
> reasons but haven't since it's a hassle.

Nice.

> 3) Debian now supports encrypted filesystems.  It supports encrypted ROOT
> filesystems.  There's a performance hit, but that's a tradeoff against the
> privacy hit if the disk is stolen.

Still don't get it.  If I steal your disk and boot it, the encryption 
stops working so I can't read it?  I doubt it.  Unless there's a 
password step involved there somewhere to authenticate (encryption and 
authentication are of course, two very separate and distinct things) the 
end-user of the disk during boot or something.

> Most people keep their encryption keys on USB disks.  They just need to
> have it plugged in when the boot the system.

Ahhh.. I see.  Weird.

> You'll still need a separate, unencrypted /boot partition.

Heh.  I bet.

> 4) Which brings us to this one guy....
> 
> Basically he was tired of getting hassled at the airport.  The screeners
> would let the guys running windows through without a second glance, but
> gave him grief since his desktop didn't look right and they had never
> heard of Linux.

Don't you just love the spectre of "hope" the airline security guys now 
give.  Of course, true "security" on airlines *is* a false hope, but at 
least they're now making it so painful that the very light jet market 
will boom.  Adam Aircraft at Centennial airport is thanking the TSA all 
the way to the bank.  ;-)

> So he created a disk that would normally boot to a small Windows
> partition.  But he also had a USB disk containing a boot image that would
> launch an encrypted root partition on the laptop.  The USB disk
> undoubtably lived on his keyring, or someplace similarly secure.  It would
> take a very knowledgeable attacker to realize that there was anything on
> the system other than Windows, and even then they couldn't do anything
> with that knowledge.

Weren't USB keys banned UK to US during the big recent flap?  All 
personal electronics?

> It probably isn't wise to set up newcomers with encrypted filesystems --
> how long will it take them to lose the key?  But everyone should know it's
> possible, esp. for laptops, and it probably isn't unreasonable to set up
> encrypted swap space by default.

Biometrics would work better for this.  Key encrypted on disk, BIOS 
unencrypts if biometrics match.  Yadda yadda yadda...  but someone will 
figure out a way around that too.  Just handcuff the laptop to your arm. 
  That'll work!  (Still a little hard to get through Airport Security 
that way, but probably easier than booting -- god forbid -- Linux!  GRIN...)

> The instructions are in the cryptsetup package documentation.  Basically
> just need to change the 'swap' entry in /etc/fstab to refer to 'cswap'
> instead of a physical device, then define 'cswap' in the /etc/crypttab
> file.  (Or is it the /etc/encryptdisks file?).  Only takes a few minutes.

I guess I "get it" but I don't think it adds as much value as people 
think... ?

Mental note to self: Stop losing laptops.  Hah.  Maybe better yet, stop 
doing work on laptops.  Go home, enjoy the evening, work on desktop 
machines at work.  Heh heh.  (Yeah yeah, I know people have to travel... 
but heck, my industry -- teleconferencing -- has in inverse relationship 
with travel also... when people don't travel (can't afford to, 
whatever...) our sales go up.  Been that way since the early 1990's.)

Nate