On 30/04/2011, Kevin Chadwick <[email protected]> wrote: > On Sat, 30 Apr 2011 17:11:21 +0200 > Thomas de Grivel wrote: > >> 2011/4/29 Kraktus <[email protected]> >> >> > On 28/04/2011, Kevin Chadwick <[email protected]> wrote: >> > > On Wed, 27 Apr 2011 18:56:57 -0400 >> > > Kraktus wrote: >> > > >> > >> So, I think OpenBSD tops the list of operating systems that "just >> > >> work". The only thing I really wish for is more encryption options >> > >> for >> > >> softraid. > >> >> I don't understand what makes you feel more secure giving access to your >> private data to an untrusted OS ? Once you hand the key it's just like an >> unencrypted block device, right ? Or do you have some magic userland >> preventing kernel from seeing your decrypted data because your heap is >> encrypted too ? lol >> > > I figured similar but after a couple of looks back I guessed! he meant a > restricted ssh account to access the data in his home that isn't > encrypted. That's perfectly doable now with vnconfig for blowfish or > bioctl for aes??
No, I just meant there are a multitude of different threat models. Not all attackers are remote. Some of them are local. You know, the thief who breaks into your house, grabs the computer, and proceeds to mount the filesystems on your hard disks from his own hard disk running his own operating system, where he is root or administrator or whatever. At this point, OpenBSD is moot, since your OpenBSD isn't running, his operating system is running. Or the jealous wife of the guy who invited himself over for dinner one time, without telling you he had a wife, and said wife thinks that just because of that you must be sleeping with her husband, and subsequently breaks into your house and steals your computer to search for evidence. Or the guy who things your husband cuckolded him with his wife, breaks in, steals the shared computer, and tries to look at your husband's Windows partition. (Reverse the genders if you are male.) Or the thief who jumps you while you are carrying data to your friend's computer. Local attackers. So you want to encrypt the data so that, while said data is not in use, the local attacker just sees a bunch of gibberish. Except sometimes data needs to be shared with people who use other operating systems, unfortunately, and then you need cross-platform encryption. >> Come on, encrypting disks comes only a long time after securing the system >> itself, trusting your private data wont help you trust the OS. > > Your firefox profile may well be writeable under the above scenario > which may? later help give away your key. Well, sure, there's lots of attacks against different types of encryption depending on the specifics of the situation. And only a subset of people and organizations, e.g. the NSA, are in any position to perform many of those attacks.
