[I hope this message won't get lost or misplaced. This is why I keep good part of the original message in my reply. I've recovered the message from the Google archive and some headers have been changed for sure, hopefully just the sender.]
[email protected]: > > > > Jan 25, 2019, 1:43 PM by [email protected]: > >> >> I just published R.I.S.K.S. (> https://19hundreds.github.io/risks-workflow >> <https://19hundreds.github.io/risks-workflow>> ). The source repo is > >> https://github.com/19hundreds/risks-workflow >> <https://github.com/19hundreds/risks-workflow>> . >> >> >> I've been searching for a viable system for managing my own secrets since a >> while and I'm still on it. >> >> >> Inspired by Snowden's experience with journalists, projects like Enough (> >> https://enough.community/ <https://enough.community/>> ) and determined to >> contribute the way I can against digital abuses (monitoring, tapping etc.) I >> decided to sum up what I know in a step-by-step guide providing a reasonable >> setup (hopefully) for defending user's secrets. >> >> >> I don't know if many feel the need for such a guide but I crafted it in the >> hope to be helpful to the vast majority of the audience. >> >> I apologize for the delay. > > It is really interesting collection. thank you Did you consider to: > > - use the Hidden Volume function like provided in the Vera Crypt? Today in > the US and GB, and more, you can be forced to unlock any encrypted partition > under the threat to be locked up indefinitely. Plausible deniability of > Hidden Volumes can help here. These risks are today very real. I did not consider Vera Crypt because I never used it. I wanted to provide a solid guide so I mostly used software that I know quite well. Plausible deniability is definitely important and RISKS does no do enough yet about it imo. I quickly looked up Vera Crypt manual: as far as I can see, the hidden partition can be spotted by any attacker rather easily. I didn't study it enough to judge or discard it. Lately I've been thinking of an alternative solution, tell me what you think about this. LUKS keys are small enough to be broken in few fragments (2 to 5) and each of them could be and hidden with steganography in one picture (chosen by the user). The pictures could be stored on any media on an unencrypted filesystem or even (partially or entirely) in the cloud. A script could perform the retrieve and gluing of the fragments. In this scenario the smartcard in mo more a necessity. There is still the problem of hiding the laptop and the fact that it's running Qubes but, at least, the user can travel without an encrypted smartcard. > - use some secure USB key, like Notrokey (I know, issue of trusting the > vendor, but it is similar to an SD card trust). It decreases the need to > remember more passphrases (all of it can theoretically sleep nicely on the > secure USB). (as a side note for those not knowing RISKS, it requires a very low mnemonic effort) It can be used with Heads to provide an interesting protection against Evil Maid. It also decreases the behind shoulder watching of input of long-strong passwords in exposed areas. You just use few-char-pass to unlock the HD or log into the system and more. Again, I'm ignorant about ad-hoc hardware and it's a choice motivated by these reasons: * dedicated hardware can be too expensive for some * I have trust issues with hardware. IntelMe was the straw that broke the camel's back. I prefer to use the stupidest piece of hardware available * I'm also concerned with hardware reliability: what happens if the key breaks and I'm in a situation/location where I can't get quickly a new one? what if I don't have backups with me? Can backups be tested before an accident happens? * At last but not least, purchasing this kind of hardware usually requires a credit card based purchase made over the internet. Little anonymity. I don't even trust alternative channels different from the producer's website: some reported cases of tampered hardware I'd love to be proven wrong but, so far, I don't think it's a good solution. > - use even the Hidden operating system on the secure USB, like that of > Nitrokey Storage. > Again, I'm ignorant in this but this time not willingly. Thank you for pointing it out, I'll give it a close look. It's a while that I'm thinking of a good way for hiding the OS. > Combining the above mentioned with your attitude, could be very interesting. You maybe considered what I mentioned and didn't opt for it for some reason. If so, why? > > Nice work tbh, good luck! Thanks, you too! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/210f8b77-f214-5813-5d4b-1265716705b6%40elude.in. For more options, visit https://groups.google.com/d/optout.
