On 30 April 2011 18:38, Kevin Chadwick <[email protected]> wrote: > On Sat, 30 Apr 2011 14:31:37 -0400 > Kraktus wrote: > >> If Eve did know about cracking into Windows computers, then of course >> Alice's plan would be foiled unless she could persuade Bob to switch >> to a better operating system -- not likely, since he's so stubborn -- >> or waited for him to come to her, which could easily take several >> months given how busy he is. > > How about a bootable openbsd usb which asks for the key on boot up.
You know, that's a really good idea. And for the stated purpose, it wouldn't really matter if OpenBSD supported the network card, or the cd drive; as long as it supported the hardware well enough to boot to a nice shell, which should cover a wide variety of computers, this should work. On Sat, 30 Apr 2011 13:31:37 -0500, Kraktus <[email protected]> wrote: >>Try to imagine a more mundane scenario. > Mark Felder wrote: > All of your scenarios are ridiculous. Just share the files in an encrypted > archive and get over it. > Any time you allow your "super secret" files to exist on a computer you don't > own or maintain > you cannot be sure the files have not been compromised. It doesn't matter if > a cross platform > block level encryption exists -- if you're allowing the files to be decrypted > by an OS you don't > run you might as well assume the files have been compromised on some level. > Just because > they're block level encrypted doesn't mean it's impossible for a > rootkit/trojan running with root > privs to read those files once Bob decrypts them so he can read them. You're missing the point. Just because there are security aspects outside your control (e.g. Bob's poor choice of operating system) doesn't mean you should totally give up on those security aspects in your control (e.g. Alice's operating system, whether or not the data is encrypted during transit). Rookit/spyware/trojan is often the result of a remote attacker. Encryption is for local attackers. Okay, so Bob's choice prevents Alice from having much chance at all of being able to protect against remote attackers. That doesn't prevent her from protecting her data against Eve, the meth addict and strictly local attacker, while taking her data to Bob. Now, maybe scenarios like that don't arise in a corporate situation where the corporation gets to decide everyone's operating system and can force everyone to use OpenBSD if they want to. But they do arise in personal situations for those of us who use OpenBSD in our personal lives.
