[lug] Installfest next Saturday.

D. Stimits stimits at comcast.net
Tue Aug 22 20:22:44 MDT 2006 

Nate Duehr wrote:

> bgiles at coyotesong.com wrote:
>
>> 1) Debian now supports encrypted swap with an ephemeral key.  
>> ("ephemeral"
>> since a random key is selected every time you reboot the system.)  This
>> should be a no-brainer -- there's a modest performance hit but it 
>> ensures
>> that otherwise encrypted information and keys won't be leaked through 
>> the
>> swap partition.
>
>
> I don't get it.  Anyone gets into the box, they're accessing the swap 
> partition through the unencryption - so what good is this?
>
Suppose your drive fails. Or it's not a drive worth keeping, and your 
legacy controller dies. So something is fated for the trash can...you'll 
either need a good workout with a large mallet, or perhaps nothing at 
all if it was encrypted. Maybe you want to send your drive for recovery 
of the non-encrypted portions, without providing random other data.
...

>
>> 3) Debian now supports encrypted filesystems.  It supports encrypted 
>> ROOT
>> filesystems.  There's a performance hit, but that's a tradeoff 
>> against the
>> privacy hit if the disk is stolen.
>
>
> Still don't get it.  If I steal your disk and boot it, the encryption 
> stops working so I can't read it?  I doubt it.  Unless there's a 
> password step involved there somewhere to authenticate (encryption and 
> authentication are of course, two very separate and distinct things) 
> the end-user of the disk during boot or something.
>
Suppose you're talking about your home system or a system at work that 
isn't booted 24/7, and someone breaks in to your home...
...

>
>> It probably isn't wise to set up newcomers with encrypted filesystems --
>> how long will it take them to lose the key?  But everyone should know 
>> it's
>> possible, esp. for laptops, and it probably isn't unreasonable to set up
>> encrypted swap space by default.
>
>
> Biometrics would work better for this.  Key encrypted on disk, BIOS 
> unencrypts if biometrics match.  Yadda yadda yadda...  but someone 
> will figure out a way around that too.  Just handcuff the laptop to 
> your arm.  That'll work!  (Still a little hard to get through Airport 
> Security that way, but probably easier than booting -- god forbid -- 
> Linux!  GRIN...)
>
If someone installs snooping software, it won't matter if you used a 
key, a password, or a biometric scanner. However, you'll have to erase 
the original keys and passwords. You're going to have a hard time doing 
this after your fingerprints are removed (just wait till we get the DNA 
version).

>> The instructions are in the cryptsetup package documentation.  Basically
>> just need to change the 'swap' entry in /etc/fstab to refer to 'cswap'
>> instead of a physical device, then define 'cswap' in the /etc/crypttab
>> file.  (Or is it the /etc/encryptdisks file?).  Only takes a few 
>> minutes.
>
>
> I guess I "get it" but I don't think it adds as much value as people 
> think... ?
>
Washing your hands with plain soap won't sterilize them. Of course, 
you'd have a hard time preparing for surgery if you only use steps which 
are 100% effective in the first step. It adds complete security and 
partial security for certain situations. Just because it won't work in 
all situations doesn't mean it isn't useful or prudent.

Sorry, had to have some fun! I should start selling biometric security 
update tools on ebay (consisting of sandpaper, a keyboard that works 
with elbows, and bandages...the aspirin accelerator tool is extra).

D. Stimits, stimits AT comcast DOT net

More information about the LUG mailing list