-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Daniel Iliev wrote: | On Tue, 24 Jun 2008 22:20:20 -0400 | Chris Walters <[EMAIL PROTECTED]> wrote: [snip] | Perhaps they appear as kernel modules? I'm just guessing.
I think that is how they are supposed to appear, but I can't seem to get them to compile, and the instructions are not too helpful. [snip] | Yes, you can have multiple passwords with dm-crypt-luks. That is good. [snip | Never bothered to go so deep in the internals, but... | | I had a busyness laptop with non-sensitive (in my opinion) data, but | the managers were quite paranoid about that, so I had to encrypt the | drives to save myself the administrative trouble in case it was stolen. | I followed the gentoo-wiki how-to [1] and found out that encrypting the | hdd visibly slowed down the system. | | Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2], | etc) can break those algorithms relatively easy. On the other hand even | weaker algorithms can protect your data against laptop thieves. That's more than a rumor. Another three letter agency (NSA) has networks of supercomputers that can brute force a passphrase is little time. I am majoring in mathematics, and plan to specialize in cryptology. I doubt they'd let me publish an algorithm that is very hard to break... It is not that I'm terribly paranoid about people getting my data, I just want to make it a little harder. Of course, it is always possible to insert code that will send the unencrypted data, once you've logged on - not easy for the casual user, but for the guru, an easy thing. | What I'm saying is that it is pointless to get very crazy about strong | and heavy algorithms. After all if your enemies are not after your | hardware, but after your data, they could always physically force you | to reveal the password. Yes, I suppose that they could do that, using torture or something like that. [snip] | Yes, you could do something like: | | head /dev/urandom | gpg --symmetric -a > key.gpg | gpg --decrypt key.gpg | cryptsetup luksFormat /dev/some-block-device | gpg --decrypt key.gpg | cryptsetup luksOpen /dev/some-block-device | | | (The above commands are not correct, their sole purpose is to show the | idea) Thanks for the ideas, and for the links. I will be checking them out. | [1] System Encryption DM-Crypt with LUKS: http://tinyurl.com/clrk6 | | [2] M.A.V.O.: http://tinyurl.com/4badqs ; http://tinyurl.com/4chhph :D Regards, Chris -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJIYmDJAAoJEIAhA8M9p9DA0skQAOOPam7lkhP6q+8XstmaUX5s O0zIyEHyIjxi6o2cln60UVXFzac89VvJ4fXYWgA9KcagedGsbWCljp/92Xynyqng 3lnZUWPZPkr0+M5khbO8EKMfEOlx4klWkbXX7kbyNWiSs1b9uWoJJqcb7fpU0mc8 6/Z/4v2EmkTCML1UHdNYaJkeJL7Tr0OxfK0gt9V8xadcZAyJQbF1YpZCqtlBEpdn Fom/tSwgpNn8Lxj5KdbFuNimflDDs4MlOfIsPUTm95mxlTw79YvTg2zqKEzmEvFE Zu3q9867JbStBLUzWJ/sB1WdTWmULm8q1N4tgGC/si02lTHHkpNoX9Sey2fw/w2x CrGBqALNyl3Buh2jMZY4+ALEr+YKnKIZFEybQtKlj971vtrj9s6m6yQM0GUoy41g zzjuIBarrr0NYwZI2rGSF/9aSoksD7GD8JIeLlDuJMpRowwsuU50IwR7cBZ2LfpX heNoxLdUfCdzeXeKOtyoPJNIvDv1LxwuUvlcxXT9vbU/ufvznCzOXlpKyoOWuL29 +aKJVKtzM4wCX+suqJZqva3npyXQMWnk45MjhE7KNvFA8k/OfBZkdxJ9F187iJi1 UoVNeenYgwogC4Y5jXKXdPNdaiFfe+byrIAmdWZOFYhPMBKY5OXO/pVcgp6kfAMe DJDh7m7neS1/8IPmfmG0 =SUZm -----END PGP SIGNATURE----- -- [email protected] mailing list
