[gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Tanstaafl]

Wow, I've been mostly offline for a few days, and this morning when 
playing catch up on the news, learned that Truecrypt, one of my all time 
favorite apps, is no more.

Some links of interest:

https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html

https://news.ycombinator.com/item?id=7812133

http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Volker Armin Hemmann]

Am 01.06.2014 14:31, schrieb Tanstaafl:
> Wow, I've been mostly offline for a few days, and this morning when
> playing catch up on the news, learned that Truecrypt, one of my all
> time favorite apps, is no more.
>
> Some links of interest:
>
> https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html
>
> https://news.ycombinator.com/item?id=7812133
>
> http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1
>
>

well, if true: good riddance. But I suspect some hacker-y or power
struggle.

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Dale]

Volker Armin Hemmann wrote:
> Am 01.06.2014 14:31, schrieb Tanstaafl:
>> Wow, I've been mostly offline for a few days, and this morning when
>> playing catch up on the news, learned that Truecrypt, one of my all
>> time favorite apps, is no more.
>>
>> Some links of interest:
>>
>> https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html
>>
>> https://news.ycombinator.com/item?id=7812133
>>
>> http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1
>>
>>
> well, if true: good riddance. But I suspect some hacker-y or power
> struggle.
>
>

I'm considering encrypting my home partition one of these days.  Given
the things that have come out in recent months, back doors and such,
what is a good program/software/tool to use that is well . . . secure? 
Is there such a thing now?

Dale

:-)  :-) 

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Michael Hampicke]

[-- Attachment #1: Type: text/plain, Size: 1111 bytes --]

Am 02.06.2014 10:22, schrieb Dale:
> Volker Armin Hemmann wrote:
>> Am 01.06.2014 14:31, schrieb Tanstaafl:
>>> Wow, I've been mostly offline for a few days, and this morning when
>>> playing catch up on the news, learned that Truecrypt, one of my all
>>> time favorite apps, is no more.
>>>
>>> Some links of interest:
>>>
>>> https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html
>>>
>>> https://news.ycombinator.com/item?id=7812133
>>>
>>> http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1
>>>
>>>
>> well, if true: good riddance. But I suspect some hacker-y or power
>> struggle.
>>
>>
> 
> I'm considering encrypting my home partition one of these days.  Given
> the things that have come out in recent months, back doors and such,
> what is a good program/software/tool to use that is well . . . secure? 
> Is there such a thing now?
> 

Depends on your needs, for encrypting complete devices/partitions try
the kernels dm-crypt/luks module. If you just want to encrypt a
directory try encfs, and for file encryption there's openssl and gpg


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 754 bytes --]

On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote:

> > I'm considering encrypting my home partition one of these days.  Given
> > the things that have come out in recent months, back doors and such,
> > what is a good program/software/tool to use that is well . . .
> > secure? Is there such a thing now?
 
> Depends on your needs, for encrypting complete devices/partitions try
> the kernels dm-crypt/luks module. If you just want to encrypt a
> directory try encfs, and for file encryption there's openssl and gpg

Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which
needs FUSE, when ecryptfs does the same thing in kernel space?


-- 
Neil Bothwick

Blessed be the pessimist for he hath made backups.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Volker Armin Hemmann]

Am 02.06.2014 10:22, schrieb Dale:
> Volker Armin Hemmann wrote:
>> Am 01.06.2014 14:31, schrieb Tanstaafl:
>>> Wow, I've been mostly offline for a few days, and this morning when
>>> playing catch up on the news, learned that Truecrypt, one of my all
>>> time favorite apps, is no more.
>>>
>>> Some links of interest:
>>>
>>> https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html
>>>
>>> https://news.ycombinator.com/item?id=7812133
>>>
>>> http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1
>>>
>>>
>> well, if true: good riddance. But I suspect some hacker-y or power
>> struggle.
>>
>>
> I'm considering encrypting my home partition one of these days.  

why? if you are hacked, they just read what you are reading. Encryption
does not help you there at all.
If your box is used by the state against you they just force you to give
them the keys.

Just rm -rf /home if they a knocking on your door.

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 433 bytes --]

On Mon, 02 Jun 2014 11:24:35 +0200, Volker Armin Hemmann wrote:

> > I'm considering encrypting my home partition one of these days.    
> 
> why? if you are hacked, they just read what you are reading. Encryption
> does not help you there at all.

It helps if your computer is stolen. This is more, but not only, relevant
to laptops.


-- 
Neil Bothwick

Member, National Association For Tagline Assimilators (NAFTA)

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Dale]

Neil Bothwick wrote:
> On Mon, 02 Jun 2014 11:24:35 +0200, Volker Armin Hemmann wrote:
>
>>> I'm considering encrypting my home partition one of these days.    
>> why? if you are hacked, they just read what you are reading. Encryption
>> does not help you there at all.
> It helps if your computer is stolen. This is more, but not only, relevant
> to laptops.
>
>

I admit, I have never used encryption like this before.  I am assuming
that if I logout of my GUI, then it is encrypted at that point?  Once I
log back in, it decrypts it again?  Am I at least close? 

I do have a desktop system.  No lappy, yet anyway.  Maybe one of these days.

Dale

:-)  :-)

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Alan McKinnon]

On 02/06/2014 11:48, Dale wrote:
> Neil Bothwick wrote:
>> On Mon, 02 Jun 2014 11:24:35 +0200, Volker Armin Hemmann wrote:
>>
>>>> I'm considering encrypting my home partition one of these days.    
>>> why? if you are hacked, they just read what you are reading. Encryption
>>> does not help you there at all.
>> It helps if your computer is stolen. This is more, but not only, relevant
>> to laptops.
>>
>>
> 
> I admit, I have never used encryption like this before.  I am assuming
> that if I logout of my GUI, then it is encrypted at that point?  Once I
> log back in, it decrypts it again?  Am I at least close? 

All disk encryption works to this general plan:

You log in (or boot up), the system asks for a password/key or whatever,
then unlocks the encryption used. Reads for the disk are decrypted on
the fly, writes are encrypted on the fly. What is on disk is always in
an encrypted state.

Safety depends on how you set it up - if you use full disk encryption
then you must unlock it at boot time. The disk is still readable until
you power off or reboot.

If you encrypt your home directory then you unlock it when you log in so
logging out of your DE safely locks things again.

You most likely want the second option, the odds that you have a valid
need to protect /usr and /opt are not good. As a regular user out there,
the stuff you want to protect is in /home (or you could easily move it
to /home). You'd also want to encrypt /tmp and swap as your running apps
often write secret stuff there (like ssh and gpg sockets) - that is
really just an extension of why you want to encrpyt /home itself


> I do have a desktop system.  No lappy, yet anyway.  Maybe one of these days.
> 
> Dale
> 
> :-)  :-)
> 


-- 
Alan McKinnon
alan.mckinnon@gmail.com

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Tanstaafl]

On 6/1/2014 1:45 PM, Volker Armin Hemmann <volkerarmin@googlemail.com> 
wrote:
> Am 01.06.2014 14:31, schrieb Tanstaafl:
>> Wow, I've been mostly offline for a few days, and this morning when
>> playing catch up on the news, learned that Truecrypt, one of my all
>> time favorite apps, is no more.
>>
>> Some links of interest:
>>
>> https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html
>>
>> https://news.ycombinator.com/item?id=7812133
>>
>> http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1

> well, if true: good riddance.

Just because you don't like something doesn't mean it has no value. Yes, 
on linux, there are much better options, but for windows users, it is 
(was) the best solution available bar none, and an amazing product.

> But I suspect some hacker-y or power struggle.

Which means you took zero seconds to verify the veracity of the 
information. Uninformed comments are less than useless.

And I forgot that most here are not windows users for whatever reason 
(some are just elitist pricks, some are purists for philosophical 
reasons, and some simply don't have to use Windows for a $dayjob.

The fact is, Truecrypt is (was) THE GoTo encryption method for purely 
Windows based systems.

I just thought there might actually be some rational people on the list 
that would like to discuss the ramifications of such a major happening.

Guess I was wrong.

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Michael Hampicke]

[-- Attachment #1: Type: text/plain, Size: 787 bytes --]

Am 02.06.2014 11:20, schrieb Neil Bothwick:
> On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote:
> 
>>> I'm considering encrypting my home partition one of these days.  Given
>>> the things that have come out in recent months, back doors and such,
>>> what is a good program/software/tool to use that is well . . .
>>> secure? Is there such a thing now?
>  
>> Depends on your needs, for encrypting complete devices/partitions try
>> the kernels dm-crypt/luks module. If you just want to encrypt a
>> directory try encfs, and for file encryption there's openssl and gpg
> 
> Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which
> needs FUSE, when ecryptfs does the same thing in kernel space?
> 

True, I totally forgot about ecryptfs :-)


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Dale]

Alan McKinnon wrote:
> On 02/06/2014 11:48, Dale wrote:
>
>> I admit, I have never used encryption like this before.  I am assuming
>> that if I logout of my GUI, then it is encrypted at that point?  Once I
>> log back in, it decrypts it again?  Am I at least close? 
> All disk encryption works to this general plan:
>
> You log in (or boot up), the system asks for a password/key or whatever,
> then unlocks the encryption used. Reads for the disk are decrypted on
> the fly, writes are encrypted on the fly. What is on disk is always in
> an encrypted state.
>
> Safety depends on how you set it up - if you use full disk encryption
> then you must unlock it at boot time. The disk is still readable until
> you power off or reboot.
>
> If you encrypt your home directory then you unlock it when you log in so
> logging out of your DE safely locks things again.
>
> You most likely want the second option, the odds that you have a valid
> need to protect /usr and /opt are not good. As a regular user out there,
> the stuff you want to protect is in /home (or you could easily move it
> to /home). You'd also want to encrypt /tmp and swap as your running apps
> often write secret stuff there (like ssh and gpg sockets) - that is
> really just an extension of why you want to encrpyt /home itself
>

The second option does sound what I am looking for.  Basically, if I log
out but leave my computer on, leave home, some crook/NSA type breaks in
and tries to access something or steals my whole puter, they would just
get garbage for data.  That seems to fit the second option best. 

I'll have to get me a new hard drive first tho.  I'm going to try and
get a 4TB drive at some point and use the current 3TB drive for backups,
encrypted to I hope. 

Thanks for the info.  Water is not quite so muddy. 

Dale

:-)  :-) 

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Rich Freeman]

On Mon, Jun 2, 2014 at 6:06 AM, Alan McKinnon <alan.mckinnon@gmail.com> wrote:
> You log in (or boot up), the system asks for a password/key or whatever,
> then unlocks the encryption used.

The more common approach is to not prompt for a password/key, but
instead store it in the TPM using a trusted boot path.  This is
possible on Linux, but the only "distro" using it is ChromeOS as far
as I'm aware (granted, there are probably more Chromebooks in desktop
use these days than all the other distros combined).  On Windows this
is how just about everybody does it.

This is far more convenient as it does not require a password when
booting.  If you don't trust the person who will be using the machine
it is more secure against attacks by the legitimate user (typically in
these situations the computer is owned by a corporation, not the
end-user).

On the other hand, if somebody steals your laptop they can boot it
without issue.  Then if they have some way to exploit the running OS
they can get at the contents of the drive (though the home directory
could still be encrypted using the user's password on top of full-disk
encryption).

For attacks by anybody other than the NSA using the TPM is potentially
a lot more secure.  Instead of depending on a bunch of rounds of
crypto to prevent brute-forcing of a simple password you are depending
on the security of the TPM.  The TPM can be told to forget the key
after a certain number of failed attempts to get at it.  If you're
worried about the NSA it seems likely that your TPM has a back door
for them, but my sense is that if the NSA is THAT determined to get
your data there really isn't anything you're going to be able to do
about it.

Rich

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 644 bytes --]

On Mon, 02 Jun 2014 12:06:18 +0200, Alan McKinnon wrote:

> If you encrypt your home directory then you unlock it when you log in so
> logging out of your DE safely locks things again.
> 
> You most likely want the second option, the odds that you have a valid
> need to protect /usr and /opt are not good. As a regular user out there,
> the stuff you want to protect is in /home (or you could easily move it
> to /home).

With one notable exception. There is sometimes sensitive information
in /etc, like wireless passwords.


-- 
Neil Bothwick

Being defeated is a temporary condition. Giving up is what makes it
permanent

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 615 bytes --]

On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:

> The second option does sound what I am looking for.  Basically, if I log
> out but leave my computer on, leave home, some crook/NSA type breaks in
> and tries to access something or steals my whole puter, they would just
> get garbage for data.  That seems to fit the second option best. 

If they steal your computer they will have to power it off, unless you
are kind enough to leave them a large enough UPS to steal along with it,
so any encryption will be equally effective.


-- 
Neil Bothwick

Capt'n! The spellchecker kinna take this abuse!

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Volker Armin Hemmann]

Am 02.06.2014 12:22, schrieb Tanstaafl:
> On 6/1/2014 1:45 PM, Volker Armin Hemmann <volkerarmin@googlemail.com>
> wrote:
>> Am 01.06.2014 14:31, schrieb Tanstaafl:
>>> Wow, I've been mostly offline for a few days, and this morning when
>>> playing catch up on the news, learned that Truecrypt, one of my all
>>> time favorite apps, is no more.
>>>
>>> Some links of interest:
>>>
>>> https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html
>>>
>>> https://news.ycombinator.com/item?id=7812133
>>>
>>> http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1
>
>> well, if true: good riddance.
>
> Just because you don't like something doesn't mean it has no value.
> Yes, on linux, there are much better options, but for windows users,
> it is (was) the best solution available bar none, and an amazing product.

no, I mean good riddance of a shady, probably stolen software with
unknown devs behind it holding the keys to your data. You should sweat a
lot right now.

>
>> But I suspect some hacker-y or power struggle.
>
> Which means you took zero seconds to verify the veracity of the
> information. Uninformed comments are less than useless.

I took a lot of time to gather information. And came to the conclusion
mentioned above. But please continue to waste my time with your useless
posts on this ml and your overall insulting tone. Oh, you know what,
forget it. I am always eager to lower the overall standards of
conversation.

>
> And I forgot that most here are not windows users for whatever reason
> (some are just elitist pricks, some are purists for philosophical
> reasons, and some simply don't have to use Windows for a $dayjob.

what does this mangled mess of a sentence has to do with anything?
Besides, you forgot: people who just don't like Windows or MacOSX and
are happy that they don't have to use that garbage at home. Bad enough
that you have to use it at work.

>
> The fact is, Truecrypt is (was) THE GoTo encryption method for purely
> Windows based systems.

really? Why? And why should I care? There are many (good) methods.
Another one will take over soon. But if I ask any of my 300 co-workers,
I am sure that only 3 would know what truecrypt is.

>
> I just thought there might actually be some rational people on the
> list that would like to discuss the ramifications of such a major
> happening.
>
> Guess I was wrong.
>

what 'ramifications'? that a shady software, developed in the shadow,
with a strange licence suddenly goes away?

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Dale]

Neil Bothwick wrote:
> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>
>> The second option does sound what I am looking for.  Basically, if I log
>> out but leave my computer on, leave home, some crook/NSA type breaks in
>> and tries to access something or steals my whole puter, they would just
>> get garbage for data.  That seems to fit the second option best. 
> If they steal your computer they will have to power it off, unless you
> are kind enough to leave them a large enough UPS to steal along with it,
> so any encryption will be equally effective.
>
>

True but just in case they decide to sit down and give it a whirl first,
may as well be encrypted.  It gives me a shot at least.  I access my
bank and such on this thing.  I'd rather they not get that for sure. 

That said, my UPS claims it will run for about a hour or so.  They could
go quite a ways around here in a hour. 

Dale

:-)  :-) 

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 413 bytes --]

On Mon, 02 Jun 2014 06:04:44 -0500, Dale wrote:

> That said, my UPS claims it will run for about a hour or so.  They could
> go quite a ways around here in a hour. 

Mine won't last that long, but it does make quite a racket when you
disconnect the mains, maybe loud enough to have a thief leave it behind.


-- 
Neil Bothwick

Life is a sexually transmitted disease and the mortality rate is 100%.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Rich Freeman]

On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> wrote:
> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>
>> The second option does sound what I am looking for.  Basically, if I log
>> out but leave my computer on, leave home, some crook/NSA type breaks in
>> and tries to access something or steals my whole puter, they would just
>> get garbage for data.  That seems to fit the second option best.
>
> If they steal your computer they will have to power it off, unless you
> are kind enough to leave them a large enough UPS to steal along with it,
> so any encryption will be equally effective.

If you're worried about casual thieves then just about any kind of
properly-implemented encryption will stop them.

If you're worried about a government official specifically tasked with
retrieving your computer, my understanding is that it is SOP these
days to retrieve your computer without powering it off for just this
reason.  They won't use your UPS to do it.  Typically they remove the
plug just far enough to expose the prongs, slide in a connector that
connects it to a UPS, and then they pull it out the rest of the way
now powered by the UPS.

See something like:
http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/

Presumably somebody who is determined will also have the means to
retrieve the contents of RAM once they seize your computer.  Besides
directlly accessing the memory bus I think most motherboards are not
designed to be secure against attacks from PCI/firewire/etc.

Rich

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Dale]

Neil Bothwick wrote:
> On Mon, 02 Jun 2014 06:04:44 -0500, Dale wrote:
>
>> That said, my UPS claims it will run for about a hour or so.  They could
>> go quite a ways around here in a hour. 
> Mine won't last that long, but it does make quite a racket when you
> disconnect the mains, maybe loud enough to have a thief leave it behind.
>
>


I have a CyberPower 1350 and it runs quiet.  It does have a small fan
that comes on when running off the batteries but it's quiet enough.  The
beeping gets on my nerves tho.  My puter only pulls about 150 watts and
that is with the router, modem and monitor all running.  If they unplug
all that except for the puter, then it may run for over a hour. 

What I should do when I have the puter turned off again is run the power
plug through my desk or something in such a way that it would have to be
unplugged before moving the puter.  Well, I guess they could take the
desk to but given the layout of the place, good luck with that.  I had
to disassemble the desk to get it down the hallway. 

Gosh, this could get a bit crazy after a while.  Thing is, I don't have
any trust in the Govt here.  It's been questionable for a good long
while but now, zip, nada, null etc etc etc. 

Now to catch those 4TB drives on sale.  ;-) 

Dale

:-)  :-) 

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Mark David Dumlao]

On Mon, Jun 2, 2014 at 5:20 PM, Neil Bothwick <neil@digimed.co.uk> wrote:
> On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote:
>
>> > I'm considering encrypting my home partition one of these days.  Given
>> > the things that have come out in recent months, back doors and such,
>> > what is a good program/software/tool to use that is well . . .
>> > secure? Is there such a thing now?
>
>> Depends on your needs, for encrypting complete devices/partitions try
>> the kernels dm-crypt/luks module. If you just want to encrypt a
>> directory try encfs, and for file encryption there's openssl and gpg
>
> Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which
> needs FUSE, when ecryptfs does the same thing in kernel space?
>

for dual-boot systems, or simply from the point of system recovery, I
find it really attractive that I can, for example, open an encfs
filesystem in "the other operating system" (there's an encfs for
windows). Besides, I think the fact that you're doing encryption /
decryption on the fly completely overshadows the performance hit from
running a userspace filesystem anyways. Also, it's extremely
convenient to be able to mount / unmount the encfs on the fly without
su, sudo, or messing with fstab, as, for instance, with the case of
portable hard disks or usb sticks, where you don't want to
automatically unencrypt the contents unless you're prompted for the
password.
-- 
This email is:    [ ] actionable   [x] fyi        [ ] social
Response needed:  [ ] yes          [x] up to you  [ ] no
Time-sensitive:   [ ] immediate    [ ] soon       [x] none

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Dale]

Rich Freeman wrote:
> If you're worried about casual thieves then just about any kind of
> properly-implemented encryption will stop them.
>
> If you're worried about a government official specifically tasked with
> retrieving your computer, my understanding is that it is SOP these
> days to retrieve your computer without powering it off for just this
> reason.  They won't use your UPS to do it.  Typically they remove the
> plug just far enough to expose the prongs, slide in a connector that
> connects it to a UPS, and then they pull it out the rest of the way
> now powered by the UPS.
>
> See something like:
> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
>
> Presumably somebody who is determined will also have the means to
> retrieve the contents of RAM once they seize your computer.  Besides
> directlly accessing the memory bus I think most motherboards are not
> designed to be secure against attacks from PCI/firewire/etc.
>
> Rich
>
>


Now that is wicked.  Like I said, this could get crazy.  ROFL  Thing is,
with Linux, it could be set up to run a script so that if say the
keyboard/mouse/some other device is removed, it runs shutdown.  It seems
the biggest thing as for as Govt goes, having it do something they can't
anticipate it doing that locks things down or does a rm -rfv /* or some
other nasty command. 

I might add, on a older rig I tried that command once.  I ran rm -rfv /*
and it didn't erase everything like I thought it would.  I figured the
command would be loaded in ram and would run until the end of the /
structure.  It didn't.  I can't recall how far it got now but I think it
was in the /proc directory.  I figure it deleted the process and sort of
forgot to finish.  It's been a while since I did that tho.  Details are
fuzzy. 

Dale

:-)  :-) 

-- 
I am only responsible for what I said ... Not for what you understood or how you interpreted my words!

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Matti Nykyri]

On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:

> On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
>> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> wrote:
>>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>>>> The second option does sound what I am looking for.  Basically, if I log
>>>> out but leave my computer on, leave home, some crook/NSA type breaks in
>>>> and tries to access something or steals my whole puter, they would just
>>>> get garbage for data.  That seems to fit the second option best.
>>> 
>>> If they steal your computer they will have to power it off, unless you
>>> are kind enough to leave them a large enough UPS to steal along with it,
>>> so any encryption will be equally effective.
>> 
>> If you're worried about casual thieves then just about any kind of
>> properly-implemented encryption will stop them.
>> 
>> If you're worried about a government official specifically tasked with
>> retrieving your computer, my understanding is that it is SOP these
>> days to retrieve your computer without powering it off for just this
>> reason.  They won't use your UPS to do it.  Typically they remove the
>> plug just far enough to expose the prongs, slide in a connector that
>> connects it to a UPS, and then they pull it out the rest of the way
>> now powered by the UPS.
>> 
>> See something like:
>> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
> 
> Hmm... Those are nice, but can be easily built yourself with an off-the-shelf 
> UPS.
> 
>> Presumably somebody who is determined will also have the means to
>> retrieve the contents of RAM once they seize your computer.  Besides
>> directlly accessing the memory bus I think most motherboards are not
>> designed to be secure against attacks from PCI/firewire/etc.
> 
> Hmm... add something to auto-shutdown the computer when a hotplug event occurs 
> on any of the internal ports and remove support for unused ports from the 
> kernel.
> 
> I wonder how they'd keep a computer from initiating a shutdown procedure or 
> causing a kernel panic when it looses (wireless) connection to another device 
> that is unlikely to be moved when powered up?

Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time.

Swap uses random keys.

network switches and routers get power only after firewall-server is up and running.

There is no easy way to enter the room without wipeing the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent some one to tamper eith a boot loader.

System is not protected against hardware tamperment. The server room is an RF-cage.

I consoder this setup quite secure.

-- 
-Matti

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 1151 bytes --]

On Mon, 2 Jun 2014 19:34:40 +0800, Mark David Dumlao wrote:

> > Definitely dm-crypt/LUKS for partitions/devices, but why use encfs
> > which needs FUSE, when ecryptfs does the same thing in kernel space?

> for dual-boot systems, or simply from the point of system recovery, I
> find it really attractive that I can, for example, open an encfs
> filesystem in "the other operating system" (there's an encfs for
> windows).

I don't use Windows, so my "other operating system" is usually System
Rescue Cd :)

> Besides, I think the fact that you're doing encryption /
> decryption on the fly completely overshadows the performance hit from
> running a userspace filesystem anyways.

Or adds to it...

> Also, it's extremely
> convenient to be able to mount / unmount the encfs on the fly without
> su, sudo, or messing with fstab, as, for instance, with the case of
> portable hard disks or usb sticks, where you don't want to
> automatically unencrypt the contents unless you're prompted for the
> password.

AFAIR ecryptfs doesn't require root privileges.


-- 
Neil Bothwick

Anyone able to feel pain is trainable.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Michael Hampicke]

[-- Attachment #1: Type: text/plain, Size: 826 bytes --]

> I might add, on a older rig I tried that command once.  I ran rm -rfv /*
> and it didn't erase everything like I thought it would.  I figured the
> command would be loaded in ram and would run until the end of the /
> structure.  It didn't.  I can't recall how far it got now but I think it
> was in the /proc directory.  I figure it deleted the process and sort of
> forgot to finish.  It's been a while since I did that tho.  Details are
> fuzzy. 

# rm -rfv /
rm: it is dangerous to operate recursively on ‘/’
rm: use --no-preserve-root to override this failsafe

# rm -rfv --no-preserve-root /
** deletes lots of stuff**
** cannot delete in /proc **
** cannot delete in /sys **
** deletes more stuff **
** finshed with status 0 **

System broken :-) Don't worry, it was only a virtual machine.


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Matti Nykyri]

On Jun 2, 2014, at 15:06, Dale <rdalek1967@gmail.com> wrote:

> Rich Freeman wrote:
>> If you're worried about casual thieves then just about any kind of
>> properly-implemented encryption will stop them.
>> 
>> If you're worried about a government official specifically tasked with
>> retrieving your computer, my understanding is that it is SOP these
>> days to retrieve your computer without powering it off for just this
>> reason.  They won't use your UPS to do it.  Typically they remove the
>> plug just far enough to expose the prongs, slide in a connector that
>> connects it to a UPS, and then they pull it out the rest of the way
>> now powered by the UPS.
>> 
>> See something like:
>> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
>> 
>> Presumably somebody who is determined will also have the means to
>> retrieve the contents of RAM once they seize your computer.  Besides
>> directlly accessing the memory bus I think most motherboards are not
>> designed to be secure against attacks from PCI/firewire/etc.
>> 
>> Rich
>> 
>> 
> 
> 
> Now that is wicked.  Like I said, this could get crazy.  ROFL  Thing is,
> with Linux, it could be set up to run a script so that if say the
> keyboard/mouse/some other device is removed, it runs shutdown.  It seems
> the biggest thing as for as Govt goes, having it do something they can't
> anticipate it doing that locks things down or does a rm -rfv /* or some
> other nasty command. 
> 
> I might add, on a older rig I tried that command once.  I ran rm -rfv /*
> and it didn't erase everything like I thought it would.  I figured the
> command would be loaded in ram and would run until the end of the /
> structure.  It didn't.  I can't recall how far it got now but I think it
> was in the /proc directory.  I figure it deleted the process and sort of
> forgot to finish.  It's been a while since I did that tho.  Details are
> fuzzy. 

Well rm does not remove anything. It just unlinks the data. If you use journalling fs, everithing is recoverable from journal easily. And even without the journal you will easily get most of the data.

dd if=/dev/zero of=/dev/your-root-drive bs=4096

This will wipe data so that it is quite hard to retrive it. Retriving would require opening the drive, etc...

-- 
-Matti

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[godzil]

Le 2014-06-02 13:23, Matti Nykyri a écrit :
> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:
> 
> 
> Well i have a switch in the door of the server room. It opens when you
> open the door. That signals the kernel to wipe all the encryption keys
> from kernel memory. Without the keys there is no access to the disks.
> After that another kernel is executed which wipes the memory of the
> old kernel. If you just pull the plug memory will stay in its state
> for an unspecified time.
> 
> Swap uses random keys.
> 
> network switches and routers get power only after firewall-server is
> up and running.
> 
> There is no easy way to enter the room without wipeing the encryption
> keys. Booting up the server requires that a boot disk is brought to
> the computer to decrypt the boot drive. Grub2 can do this easily. This
> is to prevent some one to tamper eith a boot loader.
> 
> System is not protected against hardware tamperment. The server room
> is an RF-cage.
> 
> I consoder this setup quite secure.

It's nice to encrypt and wipe things automatically, but what about the 
backups?

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Matti Nykyri]

On Jun 2, 2014, at 15:36, godzil <godzil@godzil.net> wrote:

> Le 2014-06-02 13:23, Matti Nykyri a écrit :
>> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:
>> Well i have a switch in the door of the server room. It opens when you
>> open the door. That signals the kernel to wipe all the encryption keys
>> from kernel memory. Without the keys there is no access to the disks.
>> After that another kernel is executed which wipes the memory of the
>> old kernel. If you just pull the plug memory will stay in its state
>> for an unspecified time.
>> Swap uses random keys.
>> network switches and routers get power only after firewall-server is
>> up and running.
>> There is no easy way to enter the room without wipeing the encryption
>> keys. Booting up the server requires that a boot disk is brought to
>> the computer to decrypt the boot drive. Grub2 can do this easily. This
>> is to prevent some one to tamper eith a boot loader.
>> System is not protected against hardware tamperment. The server room
>> is an RF-cage.
>> I consoder this setup quite secure.
> 
> It's nice to encrypt and wipe things automatically, but what about the backups?

Well i have backups on their own drive with its own keys. I have backups of the keys in another location. The drives are LUKS drivers with detached LUKS info.

-- 
-Matti

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[J. Roeleveld]

On Monday, June 02, 2014 11:56:24 AM Neil Bothwick wrote:
> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
> > The second option does sound what I am looking for.  Basically, if I log
> > out but leave my computer on, leave home, some crook/NSA type breaks in
> > and tries to access something or steals my whole puter, they would just
> > get garbage for data.  That seems to fit the second option best.
> 
> If they steal your computer they will have to power it off, unless you
> are kind enough to leave them a large enough UPS to steal along with it,
> so any encryption will be equally effective.

You only need a UPS that can keep a machine running for about a few minutes.
First start the portable generator, then unplug the UPS from the wall and plug 
it into the portable generator.
Then when in the car/van/truck/... plug it over from the portable generator 
into a 12V / 24V -> 120/240V DC/AC converter and drive to a location where you 
have the tools to hack into a running machine.

Best configure the machine to auto-power-down when it looses connection to a 
fixed device in your home, like the smart meter, bluetooth headset,... or 
anything else that has a built-in wireless capability.

--
Joost

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[J. Roeleveld]

On Monday, June 02, 2014 12:10:38 PM Neil Bothwick wrote:
> On Mon, 02 Jun 2014 06:04:44 -0500, Dale wrote:
> > That said, my UPS claims it will run for about a hour or so.  They could
> > go quite a ways around here in a hour.
> 
> Mine won't last that long, but it does make quite a racket when you
> disconnect the mains, maybe loud enough to have a thief leave it behind.

Those alarms are silenced when plugged back into a powersource and usually 
there is a silence-button on the UPS.

--
Joost

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Matti Nykyri]

On Jun 2, 2014, at 17:52, "J. Roeleveld" <joost@antarean.org> wrote:

> On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote:
>> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:
>>> On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
>>>> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> wrote:
>>>>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>>>>>> The second option does sound what I am looking for.  Basically, if I
>>>>>> log
>>>>>> out but leave my computer on, leave home, some crook/NSA type breaks in
>>>>>> and tries to access something or steals my whole puter, they would just
>>>>>> get garbage for data.  That seems to fit the second option best.
>>>>> 
>>>>> If they steal your computer they will have to power it off, unless you
>>>>> are kind enough to leave them a large enough UPS to steal along with it,
>>>>> so any encryption will be equally effective.
>>>> 
>>>> If you're worried about casual thieves then just about any kind of
>>>> properly-implemented encryption will stop them.
>>>> 
>>>> If you're worried about a government official specifically tasked with
>>>> retrieving your computer, my understanding is that it is SOP these
>>>> days to retrieve your computer without powering it off for just this
>>>> reason.  They won't use your UPS to do it.  Typically they remove the
>>>> plug just far enough to expose the prongs, slide in a connector that
>>>> connects it to a UPS, and then they pull it out the rest of the way
>>>> now powered by the UPS.
>>>> 
>>>> See something like:
>>>> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
>>> 
>>> Hmm... Those are nice, but can be easily built yourself with an
>>> off-the-shelf UPS.
>>> 
>>>> Presumably somebody who is determined will also have the means to
>>>> retrieve the contents of RAM once they seize your computer.  Besides
>>>> directlly accessing the memory bus I think most motherboards are not
>>>> designed to be secure against attacks from PCI/firewire/etc.
>>> 
>>> Hmm... add something to auto-shutdown the computer when a hotplug event
>>> occurs on any of the internal ports and remove support for unused ports
>>> from the kernel.
>>> 
>>> I wonder how they'd keep a computer from initiating a shutdown procedure
>>> or
>>> causing a kernel panic when it looses (wireless) connection to another
>>> device that is unlikely to be moved when powered up?
>> 
>> Well i have a switch in the door of the server room. It opens when you open
>> the door. That signals the kernel to wipe all the encryption keys from
>> kernel memory. Without the keys there is no access to the disks. After that
>> another kernel is executed which wipes the memory of the old kernel. If you
>> just pull the plug memory will stay in its state for an unspecified time.
> 
> You don't happen to have a howto on how to set that up?

Well i have a deamon running and a self made logic device in COM-port. Very simple. It has a single serial-parallel converter to do simple IO. Currently it just controls one relay that powers the network-devices.

>> Swap uses random keys.
>> 
>> network switches and routers get power only after firewall-server is up and
>> running.
> 
> networked powersockets?

A normal logic port and a transistor and then relay that controls power to the sockets of the network-devices :)

>> There is no easy way to enter the room without wipeing the encryption keys.
>> Booting up the server requires that a boot disk is brought to the computer
>> to decrypt the boot drive. Grub2 can do this easily. This is to prevent
>> some one to tamper eith a boot loader.
>> 
>> System is not protected against hardware tamperment. The server room is an
>> RF-cage.
>> 
>> I consoder this setup quite secure.
> 
> Makes me wonder what it is you are protecting your server from. :)

Well just a hobby. I wanted to play with electronics. The server controls my heating, locks of the house, lights, airconditioning, fire-alarm and burglar-alarm. Gentoo-powered house...

-- 
-Matti

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Rich Freeman]

On Mon, Jun 2, 2014 at 8:06 AM, Dale <rdalek1967@gmail.com> wrote:
> Now that is wicked.  Like I said, this could get crazy.

Meh.  I don't encrypt my disks for desktops at home.  My Chromebook
comes encrypted out-of-the-box (no doubt the NSA can have it unlocked
on request). If I had any other laptops I'd probably use full-disk
encryption of some kind on it.

My threat model for disk encryption is that somebody steals my laptop
and wants to rummage for passwords/credit card numbers/etc.  If they
stole my desktop they'd probably give up when they find the data is
stored on btrfs in raid1 mode, and even the vanilla ext4 backup disk
probably would deter them, but if they're stealing my desktop they're
probably stealing my passport, birth certificates, and all that other
good stuff anyway.

As far as the NSA sending Ninjas through the windows goes, I really
see the threat there as having two levels.  One is that the NSA does
pervasive monitoring of virtually everything they can get their hands
on to look for trends/etc.  The other is that the NSA has a specific
interest in you, for whatever reason.

For general NSA monitoring simply using https/TLS/etc is about as good
as you're going to get.  Chances are they aren't interested in
attacking your PC due to the economics of it, and if they use
zero-days widely there is a risk of them being detected (and thus the
bug they exploit gets fixed and they have to find another).  They
probably read any unencrypted packets that go through a router at any
of the big choke points - probably a substantial part of the total
volume crossing the internet.  They probably do not store most of that
data - they look for whatever they look for and discard the rest.
They probably have root on major service provider networks (either
with or without cooperation), so they're reading your
Gmail/Facebook/etc, so they really don't care if you use https to
connect to those services.

If you're a target of interest then the gloves come off, depending on
just how interesting you are.  Most likely you're going to be targeted
for a remote exploit with professional management of a rootkit on your
devices.  All your network traffic might be captured and retained.  If
you're really interesting they might send the ninjas at night.  You
get all those nice value-added-services like pre-installed rootkits in
any hardware you buy, probably from any vendor as long as it passes
through a country that is US-friendly (which is just about
everywhere).

If you're looking to evade general monitoring your best bet is to not
communicate with anybody who isn't as paranoid as you are.  You
probably should refrain from posting on lists like this one, as they
are recording the people you correspond with to determine what sort of
person you are.  Honestly, you're best off not using the Internet at
all, since there isn't anybody you can talk to who won't leak
everything to the NSA unwittingly.  However, the reality is that most
of us are pretty boring, so the NSA probably doesn't care what we do.

If you're looking to evade specific monitoring then I don't know what
to tell you.  They targeted the Iranian uranium enrichment program and
that was behind a sneakernet.  I suspect that they have different
levels of effort for various targets.  For example, Snowden revealed
that the NSA looks to root boxes belonging to sysadmins who have
access to services they're interested in - so if they wanted to poke
around on the Gentoo forum logs to find IPs they might look to root
members of infra, even though the members of infra aren't of interest
otherwise.  I run a tor relay and I wouldn't be surprised if they
rooted my box as a result - rooting all the tor relays would allow
them to de-anonymize tor completely.  Sure, you can wire up the door
to drop your server in a vat of acid, but that doesn't help if they
have a zero-day for your server.

Honestly, I just don't worry about it.  If they want to root me, I
doubt worrying about it is going to change anything.  I'd rather if
they didn't, or if they are going to do it anyway I wish that I could
just ask them to send me a copy of my data so that I could stop
worrying about running my own backups.

Rich

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[godzil]

So you backup on harddrive, not tape and theses are not incremental 
backups.

But my question about backup was not only for you but for all that 
encrypt their servers.

The backup part is generally the weakest point.


Le 2014-06-02 13:58, Matti Nykyri a écrit :
> On Jun 2, 2014, at 15:36, godzil <godzil@godzil.net> wrote:
> 
>> Le 2014-06-02 13:23, Matti Nykyri a écrit :
>>> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:
>>> Well i have a switch in the door of the server room. It opens when 
>>> you
>>> open the door. That signals the kernel to wipe all the encryption 
>>> keys
>>> from kernel memory. Without the keys there is no access to the disks.
>>> After that another kernel is executed which wipes the memory of the
>>> old kernel. If you just pull the plug memory will stay in its state
>>> for an unspecified time.
>>> Swap uses random keys.
>>> network switches and routers get power only after firewall-server is
>>> up and running.
>>> There is no easy way to enter the room without wipeing the encryption
>>> keys. Booting up the server requires that a boot disk is brought to
>>> the computer to decrypt the boot drive. Grub2 can do this easily. 
>>> This
>>> is to prevent some one to tamper eith a boot loader.
>>> System is not protected against hardware tamperment. The server room
>>> is an RF-cage.
>>> I consoder this setup quite secure.
>> 
>> It's nice to encrypt and wipe things automatically, but what about the 
>> backups?
> 
> Well i have backups on their own drive with its own keys. I have
> backups of the keys in another location. The drives are LUKS drivers
> with detached LUKS info.

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[J. Roeleveld]

On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> wrote:
> > On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
> >> The second option does sound what I am looking for.  Basically, if I log
> >> out but leave my computer on, leave home, some crook/NSA type breaks in
> >> and tries to access something or steals my whole puter, they would just
> >> get garbage for data.  That seems to fit the second option best.
> > 
> > If they steal your computer they will have to power it off, unless you
> > are kind enough to leave them a large enough UPS to steal along with it,
> > so any encryption will be equally effective.
> 
> If you're worried about casual thieves then just about any kind of
> properly-implemented encryption will stop them.
> 
> If you're worried about a government official specifically tasked with
> retrieving your computer, my understanding is that it is SOP these
> days to retrieve your computer without powering it off for just this
> reason.  They won't use your UPS to do it.  Typically they remove the
> plug just far enough to expose the prongs, slide in a connector that
> connects it to a UPS, and then they pull it out the rest of the way
> now powered by the UPS.
> 
> See something like:
> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/

Hmm... Those are nice, but can be easily built yourself with an off-the-shelf 
UPS.

> Presumably somebody who is determined will also have the means to
> retrieve the contents of RAM once they seize your computer.  Besides
> directlly accessing the memory bus I think most motherboards are not
> designed to be secure against attacks from PCI/firewire/etc.

Hmm... add something to auto-shutdown the computer when a hotplug event occurs 
on any of the internal ports and remove support for unused ports from the 
kernel.

I wonder how they'd keep a computer from initiating a shutdown procedure or 
causing a kernel panic when it looses (wireless) connection to another device 
that is unlikely to be moved when powered up?

--
Joost

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[J. Roeleveld]

On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote:
> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:
> > On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
> >> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> wrote:
> >>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
> >>>> The second option does sound what I am looking for.  Basically, if I
> >>>> log
> >>>> out but leave my computer on, leave home, some crook/NSA type breaks in
> >>>> and tries to access something or steals my whole puter, they would just
> >>>> get garbage for data.  That seems to fit the second option best.
> >>> 
> >>> If they steal your computer they will have to power it off, unless you
> >>> are kind enough to leave them a large enough UPS to steal along with it,
> >>> so any encryption will be equally effective.
> >> 
> >> If you're worried about casual thieves then just about any kind of
> >> properly-implemented encryption will stop them.
> >> 
> >> If you're worried about a government official specifically tasked with
> >> retrieving your computer, my understanding is that it is SOP these
> >> days to retrieve your computer without powering it off for just this
> >> reason.  They won't use your UPS to do it.  Typically they remove the
> >> plug just far enough to expose the prongs, slide in a connector that
> >> connects it to a UPS, and then they pull it out the rest of the way
> >> now powered by the UPS.
> >> 
> >> See something like:
> >> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
> > 
> > Hmm... Those are nice, but can be easily built yourself with an
> > off-the-shelf UPS.
> > 
> >> Presumably somebody who is determined will also have the means to
> >> retrieve the contents of RAM once they seize your computer.  Besides
> >> directlly accessing the memory bus I think most motherboards are not
> >> designed to be secure against attacks from PCI/firewire/etc.
> > 
> > Hmm... add something to auto-shutdown the computer when a hotplug event
> > occurs on any of the internal ports and remove support for unused ports
> > from the kernel.
> > 
> > I wonder how they'd keep a computer from initiating a shutdown procedure
> > or
> > causing a kernel panic when it looses (wireless) connection to another
> > device that is unlikely to be moved when powered up?
> 
> Well i have a switch in the door of the server room. It opens when you open
> the door. That signals the kernel to wipe all the encryption keys from
> kernel memory. Without the keys there is no access to the disks. After that
> another kernel is executed which wipes the memory of the old kernel. If you
> just pull the plug memory will stay in its state for an unspecified time.

You don't happen to have a howto on how to set that up?

> Swap uses random keys.
> 
> network switches and routers get power only after firewall-server is up and
> running.

networked powersockets?

> There is no easy way to enter the room without wipeing the encryption keys.
> Booting up the server requires that a boot disk is brought to the computer
> to decrypt the boot drive. Grub2 can do this easily. This is to prevent
> some one to tamper eith a boot loader.
> 
> System is not protected against hardware tamperment. The server room is an
> RF-cage.
> 
> I consoder this setup quite secure.

Makes me wonder what it is you are protecting your server from. :)

--
Joost

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[J. Roeleveld]

On Monday, June 02, 2014 04:23:07 PM Matti Nykyri wrote:
> On Jun 2, 2014, at 17:52, "J. Roeleveld" <joost@antarean.org> wrote:
> > On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote:
> >> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:
> >>> On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
> >>>> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> 
wrote:
> >>>>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
> >>>>>> The second option does sound what I am looking for.  Basically, if I
> >>>>>> log
> >>>>>> out but leave my computer on, leave home, some crook/NSA type breaks
> >>>>>> in
> >>>>>> and tries to access something or steals my whole puter, they would
> >>>>>> just
> >>>>>> get garbage for data.  That seems to fit the second option best.
> >>>>> 
> >>>>> If they steal your computer they will have to power it off, unless you
> >>>>> are kind enough to leave them a large enough UPS to steal along with
> >>>>> it,
> >>>>> so any encryption will be equally effective.
> >>>> 
> >>>> If you're worried about casual thieves then just about any kind of
> >>>> properly-implemented encryption will stop them.
> >>>> 
> >>>> If you're worried about a government official specifically tasked with
> >>>> retrieving your computer, my understanding is that it is SOP these
> >>>> days to retrieve your computer without powering it off for just this
> >>>> reason.  They won't use your UPS to do it.  Typically they remove the
> >>>> plug just far enough to expose the prongs, slide in a connector that
> >>>> connects it to a UPS, and then they pull it out the rest of the way
> >>>> now powered by the UPS.
> >>>> 
> >>>> See something like:
> >>>> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
> >>> 
> >>> Hmm... Those are nice, but can be easily built yourself with an
> >>> off-the-shelf UPS.
> >>> 
> >>>> Presumably somebody who is determined will also have the means to
> >>>> retrieve the contents of RAM once they seize your computer.  Besides
> >>>> directlly accessing the memory bus I think most motherboards are not
> >>>> designed to be secure against attacks from PCI/firewire/etc.
> >>> 
> >>> Hmm... add something to auto-shutdown the computer when a hotplug event
> >>> occurs on any of the internal ports and remove support for unused ports
> >>> from the kernel.
> >>> 
> >>> I wonder how they'd keep a computer from initiating a shutdown procedure
> >>> or
> >>> causing a kernel panic when it looses (wireless) connection to another
> >>> device that is unlikely to be moved when powered up?
> >> 
> >> Well i have a switch in the door of the server room. It opens when you
> >> open
> >> the door. That signals the kernel to wipe all the encryption keys from
> >> kernel memory. Without the keys there is no access to the disks. After
> >> that
> >> another kernel is executed which wipes the memory of the old kernel. If
> >> you
> >> just pull the plug memory will stay in its state for an unspecified time.
> > 
> > You don't happen to have a howto on how to set that up?
> 
> Well i have a deamon running and a self made logic device in COM-port. Very
> simple. It has a single serial-parallel converter to do simple IO.
> Currently it just controls one relay that powers the network-devices.

I actually meant the software side:
- How to wipe the keys and then wipe the whole memory.

> >> I consoder this setup quite secure.
> > 
> > Makes me wonder what it is you are protecting your server from. :)
> 
> Well just a hobby. I wanted to play with electronics. The server controls my
> heating, locks of the house, lights, airconditioning, fire-alarm and
> burglar-alarm. Gentoo-powered house...

I would keep the system controlling all that off the internet with only a 
null-modem cable to an internet-connected server using a custom protocol.

Anything that doesn't match the protocol initiates a full lock-down of the 
house. ;)

--
Joost

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Volker Armin Hemmann]

Am 02.06.2014 12:56, schrieb Neil Bothwick:
> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>
>> The second option does sound what I am looking for.  Basically, if I log
>> out but leave my computer on, leave home, some crook/NSA type breaks in
>> and tries to access something or steals my whole puter, they would just
>> get garbage for data.  That seems to fit the second option best. 
> If they steal your computer they will have to power it off, unless you
> are kind enough to leave them a large enough UPS to steal along with it,
> so any encryption will be equally effective.
>
>
if they go so far to steal his box, they will probably be willing to use
some rubber hose attacks to break the key...

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Volker Armin Hemmann]

Am 02.06.2014 13:28, schrieb Rich Freeman:
> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> wrote:
>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>>
>>> The second option does sound what I am looking for.  Basically, if I log
>>> out but leave my computer on, leave home, some crook/NSA type breaks in
>>> and tries to access something or steals my whole puter, they would just
>>> get garbage for data.  That seems to fit the second option best.
>> If they steal your computer they will have to power it off, unless you
>> are kind enough to leave them a large enough UPS to steal along with it,
>> so any encryption will be equally effective.
> If you're worried about casual thieves then just about any kind of
> properly-implemented encryption will stop them.
>
> If you're worried about a government official specifically tasked with
> retrieving your computer, my understanding is that it is SOP these
> days to retrieve your computer without powering it off for just this
> reason.  They won't use your UPS to do it.  Typically they remove the
> plug just far enough to expose the prongs, slide in a connector that
> connects it to a UPS, and then they pull it out the rest of the way
> now powered by the UPS.
>
> See something like:
> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
only works with sockets of unsafe design - aka american stuff.

Can not be used with Schuko sockets.

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Volker Armin Hemmann]

Am 02.06.2014 16:52, schrieb J. Roeleveld:
> On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote:
>> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:
>>> On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
>>>> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> wrote:
>>>>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>>>>>> The second option does sound what I am looking for.  Basically, if I
>>>>>> log
>>>>>> out but leave my computer on, leave home, some crook/NSA type breaks in
>>>>>> and tries to access something or steals my whole puter, they would just
>>>>>> get garbage for data.  That seems to fit the second option best.
>>>>> If they steal your computer they will have to power it off, unless you
>>>>> are kind enough to leave them a large enough UPS to steal along with it,
>>>>> so any encryption will be equally effective.
>>>> If you're worried about casual thieves then just about any kind of
>>>> properly-implemented encryption will stop them.
>>>>
>>>> If you're worried about a government official specifically tasked with
>>>> retrieving your computer, my understanding is that it is SOP these
>>>> days to retrieve your computer without powering it off for just this
>>>> reason.  They won't use your UPS to do it.  Typically they remove the
>>>> plug just far enough to expose the prongs, slide in a connector that
>>>> connects it to a UPS, and then they pull it out the rest of the way
>>>> now powered by the UPS.
>>>>
>>>> See something like:
>>>> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
>>> Hmm... Those are nice, but can be easily built yourself with an
>>> off-the-shelf UPS.
>>>
>>>> Presumably somebody who is determined will also have the means to
>>>> retrieve the contents of RAM once they seize your computer.  Besides
>>>> directlly accessing the memory bus I think most motherboards are not
>>>> designed to be secure against attacks from PCI/firewire/etc.
>>> Hmm... add something to auto-shutdown the computer when a hotplug event
>>> occurs on any of the internal ports and remove support for unused ports
>>> from the kernel.
>>>
>>> I wonder how they'd keep a computer from initiating a shutdown procedure
>>> or
>>> causing a kernel panic when it looses (wireless) connection to another
>>> device that is unlikely to be moved when powered up?
>> Well i have a switch in the door of the server room. It opens when you open
>> the door. That signals the kernel to wipe all the encryption keys from
>> kernel memory. Without the keys there is no access to the disks. After that
>> another kernel is executed which wipes the memory of the old kernel. If you
>> just pull the plug memory will stay in its state for an unspecified time.
> You don't happen to have a howto on how to set that up?
>
>> Swap uses random keys.
>>
>> network switches and routers get power only after firewall-server is up and
>> running.
> networked powersockets?
>
>> There is no easy way to enter the room without wipeing the encryption keys.
>> Booting up the server requires that a boot disk is brought to the computer
>> to decrypt the boot drive. Grub2 can do this easily. This is to prevent
>> some one to tamper eith a boot loader.
>>
>> System is not protected against hardware tamperment. The server room is an
>> RF-cage.
>>
>> I consoder this setup quite secure.
> Makes me wonder what it is you are protecting your server from. :)
>

some people really want to hide their porn collection.

No, I don't know what is in that black aluminium case. Yeah, lost the
keys a long time ago. No, I don't want to throw it away, the plant looks
so nice on it ...

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[J. Roeleveld]

On Monday, June 02, 2014 07:14:27 PM Volker Armin Hemmann wrote:
> Am 02.06.2014 13:28, schrieb Rich Freeman:
> > On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> wrote:
> >> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
> >>> The second option does sound what I am looking for.  Basically, if I log
> >>> out but leave my computer on, leave home, some crook/NSA type breaks in
> >>> and tries to access something or steals my whole puter, they would just
> >>> get garbage for data.  That seems to fit the second option best.
> >> 
> >> If they steal your computer they will have to power it off, unless you
> >> are kind enough to leave them a large enough UPS to steal along with it,
> >> so any encryption will be equally effective.
> > 
> > If you're worried about casual thieves then just about any kind of
> > properly-implemented encryption will stop them.
> > 
> > If you're worried about a government official specifically tasked with
> > retrieving your computer, my understanding is that it is SOP these
> > days to retrieve your computer without powering it off for just this
> > reason.  They won't use your UPS to do it.  Typically they remove the
> > plug just far enough to expose the prongs, slide in a connector that
> > connects it to a UPS, and then they pull it out the rest of the way
> > now powered by the UPS.
> > 
> > See something like:
> > http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
> 
> only works with sockets of unsafe design - aka american stuff.
> 
> Can not be used with Schuko sockets.

Actually, it can be used with Schuko sockets, just a bit risky...

1) Strip the wire
2) split off the power wires
3) plug the powersupply directly onto the core of the cable.
4) unplug from the wall

--
Joost

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Marc Stürmer]

Am 01.06.2014 14:31, schrieb Tanstaafl:

> Wow, I've been mostly offline for a few days, and this morning when
> playing catch up on the news, learned that Truecrypt, one of my all time
> favorite apps, is no more.

Well, considering the fact that Linux comes with its own bunch of 
encrytion possibilities on its own, the demise of TrueCrypt on Linux is 
neglectable.

Some people in Switzerland want to take over development, for further 
information take a look at www.truecrypt.ch.

And then there's tc-play, a free implementation of TrueCrypt based on 
dm-crypt (https://github.com/bwalex/tc-play), which allows reading and 
creating TrueCrypt volumes on your own. It just lacks a good GUI so far.

Cryptsetup since 1.6 supports reading the TrueCrypt on disk format.

And zuluCrypt is a frontend to cryptsetup and tcplay, which acts as a 
GUI for those.

So no loss at all if TrueCrypt would really cease to exist.

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Tanstaafl]

On 6/3/2014 3:17 AM, Marc Stürmer <mail@marc-stuermer.de> wrote:
> So no loss at all if TrueCrypt would really cease to exist.

Which totally misses the point of *how* it happened.

But never mind... it was definitely off-topic for gentoo.

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Mick]

[-- Attachment #1: Type: Text/Plain, Size: 736 bytes --]

On Tuesday 03 Jun 2014 11:00:17 Tanstaafl wrote:
> On 6/3/2014 3:17 AM, Marc Stürmer <mail@marc-stuermer.de> wrote:
> > So no loss at all if TrueCrypt would really cease to exist.
> 
> Which totally misses the point of *how* it happened.
> 
> But never mind... it was definitely off-topic for gentoo.

With a secret development team in play we are verging on conspiracy theory 
territory, but could it be related to this latest announcement and 
Cryptolocker?

http://www.symantec.com/connect/blogs/international-takedown-wounds-gameover-zeus-cybercrime-network

PS. I don't know how Cryptolocker works, but it reads as if it is a filesystem 
level, rather than block device level encryption tool.
-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Matti Nykyri]

On Jun 2, 2014, at 18:29, "J. Roeleveld" <joost@antarean.org> wrote:

> On Monday, June 02, 2014 04:23:07 PM Matti Nykyri wrote:
>> On Jun 2, 2014, at 17:52, "J. Roeleveld" <joost@antarean.org> wrote:
>>> On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote:
>>>> On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@antarean.org> wrote:
>>>>> On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
>>>>>> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@digimed.co.uk> 
> wrote:
>>>>>>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>>>>>>>> The second option does sound what I am looking for.  Basically, if I
>>>>>>>> log
>>>>>>>> out but leave my computer on, leave home, some crook/NSA type breaks
>>>>>>>> in
>>>>>>>> and tries to access something or steals my whole puter, they would
>>>>>>>> just
>>>>>>>> get garbage for data.  That seems to fit the second option best.
>>>>>>> 
>>>>>>> If they steal your computer they will have to power it off, unless you
>>>>>>> are kind enough to leave them a large enough UPS to steal along with
>>>>>>> it,
>>>>>>> so any encryption will be equally effective.
>>>>>> 
>>>>>> If you're worried about casual thieves then just about any kind of
>>>>>> properly-implemented encryption will stop them.
>>>>>> 
>>>>>> If you're worried about a government official specifically tasked with
>>>>>> retrieving your computer, my understanding is that it is SOP these
>>>>>> days to retrieve your computer without powering it off for just this
>>>>>> reason.  They won't use your UPS to do it.  Typically they remove the
>>>>>> plug just far enough to expose the prongs, slide in a connector that
>>>>>> connects it to a UPS, and then they pull it out the rest of the way
>>>>>> now powered by the UPS.
>>>>>> 
>>>>>> See something like:
>>>>>> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
>>>>> 
>>>>> Hmm... Those are nice, but can be easily built yourself with an
>>>>> off-the-shelf UPS.
>>>>> 
>>>>>> Presumably somebody who is determined will also have the means to
>>>>>> retrieve the contents of RAM once they seize your computer.  Besides
>>>>>> directlly accessing the memory bus I think most motherboards are not
>>>>>> designed to be secure against attacks from PCI/firewire/etc.
>>>>> 
>>>>> Hmm... add something to auto-shutdown the computer when a hotplug event
>>>>> occurs on any of the internal ports and remove support for unused ports
>>>>> from the kernel.
>>>>> 
>>>>> I wonder how they'd keep a computer from initiating a shutdown procedure
>>>>> or
>>>>> causing a kernel panic when it looses (wireless) connection to another
>>>>> device that is unlikely to be moved when powered up?
>>>> 
>>>> Well i have a switch in the door of the server room. It opens when you
>>>> open
>>>> the door. That signals the kernel to wipe all the encryption keys from
>>>> kernel memory. Without the keys there is no access to the disks. After
>>>> that
>>>> another kernel is executed which wipes the memory of the old kernel. If
>>>> you
>>>> just pull the plug memory will stay in its state for an unspecified time.
>>> 
>>> You don't happen to have a howto on how to set that up?
>> 
>> Well i have a deamon running and a self made logic device in COM-port. Very
>> simple. It has a single serial-parallel converter to do simple IO.
>> Currently it just controls one relay that powers the network-devices.
> 
> I actually meant the software side:
> - How to wipe the keys and then wipe the whole memory.

The dm-crypt module inside kernel provides a crypt_wipe_key function that wipes the memory portion that holds the key. It also invalidates the key, so that no further writes to the drive can occur. Suspending the device prior is recommended:

dmsetup suspend /dev/to-device
dmsetup message /dev/to-device 0 key wipe

When you boot into your kernel you can setup a crash kernel inside your memory. The running kernel will not touch this area so you can be certain that there is no confidential data inside. Then you just wipe the area of the memory of the original kernel after you have executed your crash kernel.

So I do this by opening /dev/mem in the crash kernel and then mmap every page you need to wipe. I use the memset to wipe the page. Begin from physical address where your original kernel is located and walk the way up. Skip the portion where you crash kernel is! Crash kernel location is in your kernel cmdline and the location of the original kernel in your kernel config.

>>>> I consoder this setup quite secure.
>>> 
>>> Makes me wonder what it is you are protecting your server from. :)
>> 
>> Well just a hobby. I wanted to play with electronics. The server controls my
>> heating, locks of the house, lights, airconditioning, fire-alarm and
>> burglar-alarm. Gentoo-powered house...
> 
> I would keep the system controlling all that off the internet with only a 
> null-modem cable to an internet-connected server using a custom protocol.
> 
> Anything that doesn't match the protocol initiates a full lock-down of the 
> house. ;)

But it is much more convenient to control everything from you phone via internet. Just have everything setup in a secure manner. Anyways it's easier for a common burglar to break the window then to hack the server! And you can not steal the stereos by hacking the server ;)

-- 
-Matti

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Matti Nykyri]

On Jun 4, 2014, at 0:05, "J. Roeleveld" <joost@antarean.org> wrote:

> On Tuesday, June 03, 2014 09:53:58 PM Matti Nykyri wrote:
>> On Jun 2, 2014, at 18:29, "J. Roeleveld" <joost@antarean.org> wrote:
>>> I actually meant the software side:
>>> - How to wipe the keys and then wipe the whole memory.
>> 
>> The dm-crypt module inside kernel provides a crypt_wipe_key function that
>> wipes the memory portion that holds the key. It also invalidates the key,
>> so that no further writes to the drive can occur. Suspending the device
>> prior is recommended:
>> 
>> dmsetup suspend /dev/to-device
>> dmsetup message /dev/to-device 0 key wipe
> 
> Thank you for this, wasn't aware of those yet.
> Does this also work with LUKS encrypted devices?

Yes.

Well LUKS is just a binary header that contains all the necessary setups for a secure disk encryption. If you don't use LUKS you must do all the steps it does by your self. From kernel point of view it does not see LUKS at all. When cryptsetup setups a LUKS drive in device-mapper it gives it only the portion of the drive behind the LUKS-header. LUKS is just a good way of storing your setup (cipher, master key etc...). There is a really good article about LUKS, but i failed to find it now.

>> When you boot into your kernel you can setup a crash kernel inside your
>> memory. The running kernel will not touch this area so you can be certain
>> that there is no confidential data inside. Then you just wipe the area of
>> the memory of the original kernel after you have executed your crash
>> kernel.
>> 
>> So I do this by opening /dev/mem in the crash kernel and then mmap every
>> page you need to wipe. I use the memset to wipe the page. Begin from
>> physical address where your original kernel is located and walk the way up.
>> Skip the portion where you crash kernel is! Crash kernel location is in
>> your kernel cmdline and the location of the original kernel in your kernel
>> config.
> 
> Hmm.. this goes beyond me. Will need to google on this to see if I can find 
> some more. Unless you know a good starting URL?

Didn't find a good one either. Will continue searching.

There are many ways to do it though. Through the kernel or just write your own program that runs all by it self... Like memtest86. In its source there is everything you need to wipe the memory. But that is more advanced then doing it via kernel interface in my opinion..

>>> I would keep the system controlling all that off the internet with only a
>>> null-modem cable to an internet-connected server using a custom protocol.
>>> 
>>> Anything that doesn't match the protocol initiates a full lock-down of the
>>> house. ;)
>> 
>> But it is much more convenient to control everything from you phone via
>> internet. Just have everything setup in a secure manner. Anyways it's
>> easier for a common burglar to break the window then to hack the server!
>> And you can not steal the stereos by hacking the server ;)
> 
> Perhaps, but I would have added security shutters to all the windows and doors 
> which are also controlled by the same system. Smashing a window wouldn't help 
> there.
> Especially if the only way to open those is by getting the server (which by 
> then went into a full lock-down) to open them...
> Now only to add a halo fire suppression system to the server room and all you 
> need to do is find a way to dispose of the mess.... ;)

Lol.

-M

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Marc Stürmer]

Am 03.06.2014 12:00, schrieb Tanstaafl:

>> So no loss at all if TrueCrypt would really cease to exist.
>
> Which totally misses the point of *how* it happened.

How it happened is strange and you can make many theories about it.

The more interesting question about it for sure is: why did many people 
trust such an anonymous development team at all?

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[J. Roeleveld]

On Tuesday, June 03, 2014 09:53:58 PM Matti Nykyri wrote:
> On Jun 2, 2014, at 18:29, "J. Roeleveld" <joost@antarean.org> wrote:
> > I actually meant the software side:
> > - How to wipe the keys and then wipe the whole memory.
> 
> The dm-crypt module inside kernel provides a crypt_wipe_key function that
> wipes the memory portion that holds the key. It also invalidates the key,
> so that no further writes to the drive can occur. Suspending the device
> prior is recommended:
> 
> dmsetup suspend /dev/to-device
> dmsetup message /dev/to-device 0 key wipe

Thank you for this, wasn't aware of those yet.
Does this also work with LUKS encrypted devices?

> When you boot into your kernel you can setup a crash kernel inside your
> memory. The running kernel will not touch this area so you can be certain
> that there is no confidential data inside. Then you just wipe the area of
> the memory of the original kernel after you have executed your crash
> kernel.
> 
> So I do this by opening /dev/mem in the crash kernel and then mmap every
> page you need to wipe. I use the memset to wipe the page. Begin from
> physical address where your original kernel is located and walk the way up.
> Skip the portion where you crash kernel is! Crash kernel location is in
> your kernel cmdline and the location of the original kernel in your kernel
> config.

Hmm.. this goes beyond me. Will need to google on this to see if I can find 
some more. Unless you know a good starting URL?

> > I would keep the system controlling all that off the internet with only a
> > null-modem cable to an internet-connected server using a custom protocol.
> > 
> > Anything that doesn't match the protocol initiates a full lock-down of the
> > house. ;)
> 
> But it is much more convenient to control everything from you phone via
> internet. Just have everything setup in a secure manner. Anyways it's
> easier for a common burglar to break the window then to hack the server!
> And you can not steal the stereos by hacking the server ;)

Perhaps, but I would have added security shutters to all the windows and doors 
which are also controlled by the same system. Smashing a window wouldn't help 
there.
Especially if the only way to open those is by getting the server (which by 
then went into a full lock-down) to open them...
Now only to add a halo fire suppression system to the server room and all you 
need to do is find a way to dispose of the mess.... ;)

--
Joost

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Matti Nykyri]

On Tue, Jun 03, 2014 at 10:53:15PM +0300, Matti Nykyri wrote:
> On Jun 4, 2014, at 0:05, "J. Roeleveld" <joost@antarean.org> wrote:
> 
> > On Tuesday, June 03, 2014 09:53:58 PM Matti Nykyri wrote:
> >> On Jun 2, 2014, at 18:29, "J. Roeleveld" <joost@antarean.org> wrote:
> >>> I actually meant the software side:
> >>> - How to wipe the keys and then wipe the whole memory.
> >> 
> >> The dm-crypt module inside kernel provides a crypt_wipe_key function that
> >> wipes the memory portion that holds the key. It also invalidates the key,
> >> so that no further writes to the drive can occur. Suspending the device
> >> prior is recommended:
> >> 
> >> dmsetup suspend /dev/to-device
> >> dmsetup message /dev/to-device 0 key wipe
> > 
> > Thank you for this, wasn't aware of those yet.
> > Does this also work with LUKS encrypted devices?
> 
> Yes.
> 
> Well LUKS is just a binary header that contains all the necessary setups for a secure disk encryption. If you don't use LUKS you must do all the steps it does by your self. From kernel point of view it does not see LUKS at all. When cryptsetup setups a LUKS drive in device-mapper it gives it only the portion of the drive behind the LUKS-header. LUKS is just a good way of storing your setup (cipher, master key etc...). There is a really good article about LUKS, but i failed to find it now.

Begin by reading these:

tomb.dyne.org/Luks_on_disk_format.pdf
http://clemens.endorphin.org/TKS1-draft.pdf
http://clemens.endorphin.org/nmihde/nmihde-A4-os.pdf

These contain very good info about LUKS and disk encryption. The last one is probably a bit ruff one.

http://clemens.endorphin.org/cryptography - a good one.

I strongly suggest to dig into disk encryption before implementing it!

> >> When you boot into your kernel you can setup a crash kernel inside your
> >> memory. The running kernel will not touch this area so you can be certain
> >> that there is no confidential data inside. Then you just wipe the area of
> >> the memory of the original kernel after you have executed your crash
> >> kernel.
> >> 
> >> So I do this by opening /dev/mem in the crash kernel and then mmap every
> >> page you need to wipe. I use the memset to wipe the page. Begin from
> >> physical address where your original kernel is located and walk the way up.
> >> Skip the portion where you crash kernel is! Crash kernel location is in
> >> your kernel cmdline and the location of the original kernel in your kernel
> >> config.
> > 
> > Hmm.. this goes beyond me. Will need to google on this to see if I can find 
> > some more. Unless you know a good starting URL?
> 
> Didn't find a good one either. Will continue searching.

Here are few pages:

http://naveengopala-embeddedlinux.blogspot.fi/2012/01/reading-physical-mapped-memory-using.html
http://stackoverflow.com/questions/647783/direct-memory-access-in-linux

and mmap man-page for sure...

It is really straight forward... just mmap the page you want and erase it. You will just need to know what addresses to mmap and what not. Do it one page at a time and always align.

The memory should not contain very sensitive data on how to access your disks if you wipe the keys.

> There are many ways to do it though. Through the kernel or just write your own program that runs all by it self... Like memtest86. In its source there is everything you need to wipe the memory. But that is more advanced then doing it via kernel interface in my opinion..
> 
> >>> I would keep the system controlling all that off the internet with only a
> >>> null-modem cable to an internet-connected server using a custom protocol.
> >>> 
> >>> Anything that doesn't match the protocol initiates a full lock-down of the
> >>> house. ;)
> >> 
> >> But it is much more convenient to control everything from you phone via
> >> internet. Just have everything setup in a secure manner. Anyways it's
> >> easier for a common burglar to break the window then to hack the server!
> >> And you can not steal the stereos by hacking the server ;)
> > 
> > Perhaps, but I would have added security shutters to all the windows and doors 
> > which are also controlled by the same system. Smashing a window wouldn't help 
> > there.
> > Especially if the only way to open those is by getting the server (which by 
> > then went into a full lock-down) to open them...
> > Now only to add a halo fire suppression system to the server room and all you 
> > need to do is find a way to dispose of the mess.... ;)
> 
> Lol.
> 
> -M

-- 
-Matti

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Frank Steinmetzger]

[-- Attachment #1: Type: text/plain, Size: 1526 bytes --]

On Mon, Jun 02, 2014 at 11:54:52AM +0100, Neil Bothwick wrote:
> On Mon, 02 Jun 2014 12:06:18 +0200, Alan McKinnon wrote:
>
> > If you encrypt your home directory then you unlock it when you log in so
> > logging out of your DE safely locks things again.

I encrypt my home partition with LUKS and enter a passphrase
during boot. But I always wanted to get decryption upon login running,
especially because it would require me to enter one less password. But
haven’t gotten around to that yet.

> > You most likely want the second option, the odds that you have a valid
> > need to protect /usr and /opt are not good. As a regular user out there,
> > the stuff you want to protect is in /home (or you could easily move it
> > to /home).
>
> With one notable exception. There is sometimes sensitive information
> in /etc, like wireless passwords.

For that reason I put this stuff into /home/etc/$hostname/ (I back up my
machines’ /etc on all other machines, also to have a reference if I need
to know “How did I do this on $other_host?”). And then I symlink to
that from the real location, i.e.:

$ ls -ld /etc/wpa_supplicant
lrwxrwxrwx 1 root root 29 28. Mär 21:02 /etc/wpa_supplicant -> /home/etc/hostname/wpa_supplicant/

Cryptsetup comes early enough in the boot process for this to work (both
with OpenRC and systemd).
--
Gruß | Greetings | Qapla’
Please do not share anything from, with or about me on any social network.

I just took an IQ test. The results were negative.

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 1106 bytes --]

On Wed, 4 Jun 2014 21:59:18 +0200, Frank Steinmetzger wrote:

> I encrypt my home partition with LUKS and enter a passphrase
> during boot. But I always wanted to get decryption upon login running,
> especially because it would require me to enter one less password. But
> haven’t gotten around to that yet.

Are you the only use of the computer? If so, set your display manager to
auto-login, you have already authenticated yourself by unlocking the home
partition.

> > With one notable exception. There is sometimes sensitive information
> > in /etc, like wireless passwords.
> 
> For that reason I put this stuff into /home/etc/$hostname/ (I back up my
> machines’ /etc on all other machines, also to have a reference if I need
> to know “How did I do this on $other_host?”). And then I symlink to
> that from the real location, i.e.:

I used to do that, now I have an encrypted /, which contains the keys for
any other encrypted volumes, so I still only need to enter one password.


-- 
Neil Bothwick

Nothing is illegal if one hundred businessmen decide to do it.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Frank Steinmetzger]

[-- Attachment #1: Type: text/plain, Size: 1745 bytes --]

On Thu, Jun 05, 2014 at 12:24:22AM +0100, Neil Bothwick wrote:
> On Wed, 4 Jun 2014 21:59:18 +0200, Frank Steinmetzger wrote:
> 
> > I encrypt my home partition with LUKS and enter a passphrase
> > during boot. But I always wanted to get decryption upon login running,
> > especially because it would require me to enter one less password. But
> > haven’t gotten around to that yet.
> 
> Are you the only use of the computer? If so, set your display manager to
> auto-login, you have already authenticated yourself by unlocking the home
> partition.

Now that’s an interesting idea I haven’t thought of yet. Thanks. My LUKS
passphrase is much more secure than my ancient user password anyway *hehe*.

> > > With one notable exception. There is sometimes sensitive information
> > > in /etc, like wireless passwords.
> > 
> > For that reason I put this stuff into /home/etc/$hostname/ (I back up my
> > machines’ /etc on all other machines, also to have a reference if I need
> > to know “How did I do this on $other_host?”). And then I symlink to
> > that from the real location, i.e.:
> 
> I used to do that, now I have an encrypted /, which contains the keys for
> any other encrypted volumes, so I still only need to enter one password.

That falls into the category of using initrds which is also far down on my
todo. I understand the mechanics and had played with dracut in the past, but
nothing workable has come out of it yet.

> Nothing is illegal if one hundred businessmen decide to do it.

Like stealing taglines. >:-)

-- 
Gruß | Greetings | Qapla’
Please do not share anything from, with or about me on any social network.

Please notify me if you did not receive this message.

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?

[Rich Freeman]

On Thu, Jun 5, 2014 at 12:52 PM, Frank Steinmetzger <Warp_7@gmx.de> wrote:
> Now that’s an interesting idea I haven’t thought of yet. Thanks. My LUKS
> passphrase is much more secure than my ancient user password anyway *hehe*.
>

Only if it isn't the same.  :)

In theory neither really need be algorithmically more secure than the
other, but there is more opportunity for somebody to capture your
password after the system is running than while it is booting up.

Rich