Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Thu, Jun 05, 2014 at 12:24:22AM +0100, Neil Bothwick wrote: On Wed, 4 Jun 2014 21:59:18 +0200, Frank Steinmetzger wrote: I encrypt my home partition with LUKS and enter a passphrase during boot. But I always wanted to get decryption upon login running, especially because it would require me to enter one less password. But haven’t gotten around to that yet. Are you the only use of the computer? If so, set your display manager to auto-login, you have already authenticated yourself by unlocking the home partition. Now that’s an interesting idea I haven’t thought of yet. Thanks. My LUKS passphrase is much more secure than my ancient user password anyway *hehe*. With one notable exception. There is sometimes sensitive information in /etc, like wireless passwords. For that reason I put this stuff into /home/etc/$hostname/ (I back up my machines’ /etc on all other machines, also to have a reference if I need to know “How did I do this on $other_host?”). And then I symlink to that from the real location, i.e.: I used to do that, now I have an encrypted /, which contains the keys for any other encrypted volumes, so I still only need to enter one password. That falls into the category of using initrds which is also far down on my todo. I understand the mechanics and had played with dracut in the past, but nothing workable has come out of it yet. Nothing is illegal if one hundred businessmen decide to do it. Like stealing taglines. :-) -- Gruß | Greetings | Qapla’ Please do not share anything from, with or about me on any social network. Please notify me if you did not receive this message. signature.asc Description: Digital signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Thu, Jun 5, 2014 at 12:52 PM, Frank Steinmetzger war...@gmx.de wrote: Now that’s an interesting idea I haven’t thought of yet. Thanks. My LUKS passphrase is much more secure than my ancient user password anyway *hehe*. Only if it isn't the same. :) In theory neither really need be algorithmically more secure than the other, but there is more opportunity for somebody to capture your password after the system is running than while it is booting up. Rich
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, Jun 02, 2014 at 11:54:52AM +0100, Neil Bothwick wrote: On Mon, 02 Jun 2014 12:06:18 +0200, Alan McKinnon wrote: If you encrypt your home directory then you unlock it when you log in so logging out of your DE safely locks things again. I encrypt my home partition with LUKS and enter a passphrase during boot. But I always wanted to get decryption upon login running, especially because it would require me to enter one less password. But haven’t gotten around to that yet. You most likely want the second option, the odds that you have a valid need to protect /usr and /opt are not good. As a regular user out there, the stuff you want to protect is in /home (or you could easily move it to /home). With one notable exception. There is sometimes sensitive information in /etc, like wireless passwords. For that reason I put this stuff into /home/etc/$hostname/ (I back up my machines’ /etc on all other machines, also to have a reference if I need to know “How did I do this on $other_host?”). And then I symlink to that from the real location, i.e.: $ ls -ld /etc/wpa_supplicant lrwxrwxrwx 1 root root 29 28. Mär 21:02 /etc/wpa_supplicant - /home/etc/hostname/wpa_supplicant/ Cryptsetup comes early enough in the boot process for this to work (both with OpenRC and systemd). -- Gruß | Greetings | Qapla’ Please do not share anything from, with or about me on any social network. I just took an IQ test. The results were negative. signature.asc Description: Digital signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Wed, 4 Jun 2014 21:59:18 +0200, Frank Steinmetzger wrote: I encrypt my home partition with LUKS and enter a passphrase during boot. But I always wanted to get decryption upon login running, especially because it would require me to enter one less password. But haven’t gotten around to that yet. Are you the only use of the computer? If so, set your display manager to auto-login, you have already authenticated yourself by unlocking the home partition. With one notable exception. There is sometimes sensitive information in /etc, like wireless passwords. For that reason I put this stuff into /home/etc/$hostname/ (I back up my machines’ /etc on all other machines, also to have a reference if I need to know “How did I do this on $other_host?”). And then I symlink to that from the real location, i.e.: I used to do that, now I have an encrypted /, which contains the keys for any other encrypted volumes, so I still only need to enter one password. -- Neil Bothwick Nothing is illegal if one hundred businessmen decide to do it. signature.asc Description: PGP signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 01.06.2014 14:31, schrieb Tanstaafl: Wow, I've been mostly offline for a few days, and this morning when playing catch up on the news, learned that Truecrypt, one of my all time favorite apps, is no more. Well, considering the fact that Linux comes with its own bunch of encrytion possibilities on its own, the demise of TrueCrypt on Linux is neglectable. Some people in Switzerland want to take over development, for further information take a look at www.truecrypt.ch. And then there's tc-play, a free implementation of TrueCrypt based on dm-crypt (https://github.com/bwalex/tc-play), which allows reading and creating TrueCrypt volumes on your own. It just lacks a good GUI so far. Cryptsetup since 1.6 supports reading the TrueCrypt on disk format. And zuluCrypt is a frontend to cryptsetup and tcplay, which acts as a GUI for those. So no loss at all if TrueCrypt would really cease to exist.
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On 6/3/2014 3:17 AM, Marc Stürmer m...@marc-stuermer.de wrote: So no loss at all if TrueCrypt would really cease to exist. Which totally misses the point of *how* it happened. But never mind... it was definitely off-topic for gentoo.
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Tuesday 03 Jun 2014 11:00:17 Tanstaafl wrote: On 6/3/2014 3:17 AM, Marc Stürmer m...@marc-stuermer.de wrote: So no loss at all if TrueCrypt would really cease to exist. Which totally misses the point of *how* it happened. But never mind... it was definitely off-topic for gentoo. With a secret development team in play we are verging on conspiracy theory territory, but could it be related to this latest announcement and Cryptolocker? http://www.symantec.com/connect/blogs/international-takedown-wounds-gameover-zeus-cybercrime-network PS. I don't know how Cryptolocker works, but it reads as if it is a filesystem level, rather than block device level encryption tool. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Jun 2, 2014, at 18:29, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 04:23:07 PM Matti Nykyri wrote: On Jun 2, 2014, at 17:52, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote: On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Hmm... Those are nice, but can be easily built yourself with an off-the-shelf UPS. Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Hmm... add something to auto-shutdown the computer when a hotplug event occurs on any of the internal ports and remove support for unused ports from the kernel. I wonder how they'd keep a computer from initiating a shutdown procedure or causing a kernel panic when it looses (wireless) connection to another device that is unlikely to be moved when powered up? Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. You don't happen to have a howto on how to set that up? Well i have a deamon running and a self made logic device in COM-port. Very simple. It has a single serial-parallel converter to do simple IO. Currently it just controls one relay that powers the network-devices. I actually meant the software side: - How to wipe the keys and then wipe the whole memory. The dm-crypt module inside kernel provides a crypt_wipe_key function that wipes the memory portion that holds the key. It also invalidates the key, so that no further writes to the drive can occur. Suspending the device prior is recommended: dmsetup suspend /dev/to-device dmsetup message /dev/to-device 0 key wipe When you boot into your kernel you can setup a crash kernel inside your memory. The running kernel will not touch this area so you can be certain that there is no confidential data inside. Then you just wipe the area of the memory of the original kernel after you have executed your crash kernel. So I do this by opening /dev/mem in the crash kernel and then mmap every page you need to wipe. I use the memset to wipe the page. Begin from physical address where your original kernel is located and walk the way up. Skip the portion where you crash kernel is! Crash kernel location is in your kernel cmdline and the location of the original kernel in your kernel config. I consoder this setup quite secure. Makes me wonder what it is you are protecting your server from. :) Well just a hobby. I wanted to play with electronics. The server controls my heating, locks of the house, lights, airconditioning, fire-alarm and burglar-alarm. Gentoo-powered house... I would keep the system controlling all that off the internet with only a null-modem cable to an internet-connected server using a custom protocol. Anything that doesn't match the protocol initiates a full lock-down of the house. ;) But it is much more convenient to control everything from you phone via internet. Just have everything setup in a secure manner. Anyways it's easier for a common burglar to break the window then to hack the server! And you can not steal the stereos by hacking the server ;) -- -Matti
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Tuesday, June 03, 2014 09:53:58 PM Matti Nykyri wrote: On Jun 2, 2014, at 18:29, J. Roeleveld jo...@antarean.org wrote: I actually meant the software side: - How to wipe the keys and then wipe the whole memory. The dm-crypt module inside kernel provides a crypt_wipe_key function that wipes the memory portion that holds the key. It also invalidates the key, so that no further writes to the drive can occur. Suspending the device prior is recommended: dmsetup suspend /dev/to-device dmsetup message /dev/to-device 0 key wipe Thank you for this, wasn't aware of those yet. Does this also work with LUKS encrypted devices? When you boot into your kernel you can setup a crash kernel inside your memory. The running kernel will not touch this area so you can be certain that there is no confidential data inside. Then you just wipe the area of the memory of the original kernel after you have executed your crash kernel. So I do this by opening /dev/mem in the crash kernel and then mmap every page you need to wipe. I use the memset to wipe the page. Begin from physical address where your original kernel is located and walk the way up. Skip the portion where you crash kernel is! Crash kernel location is in your kernel cmdline and the location of the original kernel in your kernel config. Hmm.. this goes beyond me. Will need to google on this to see if I can find some more. Unless you know a good starting URL? I would keep the system controlling all that off the internet with only a null-modem cable to an internet-connected server using a custom protocol. Anything that doesn't match the protocol initiates a full lock-down of the house. ;) But it is much more convenient to control everything from you phone via internet. Just have everything setup in a secure manner. Anyways it's easier for a common burglar to break the window then to hack the server! And you can not steal the stereos by hacking the server ;) Perhaps, but I would have added security shutters to all the windows and doors which are also controlled by the same system. Smashing a window wouldn't help there. Especially if the only way to open those is by getting the server (which by then went into a full lock-down) to open them... Now only to add a halo fire suppression system to the server room and all you need to do is find a way to dispose of the mess ;) -- Joost
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Jun 4, 2014, at 0:05, J. Roeleveld jo...@antarean.org wrote: On Tuesday, June 03, 2014 09:53:58 PM Matti Nykyri wrote: On Jun 2, 2014, at 18:29, J. Roeleveld jo...@antarean.org wrote: I actually meant the software side: - How to wipe the keys and then wipe the whole memory. The dm-crypt module inside kernel provides a crypt_wipe_key function that wipes the memory portion that holds the key. It also invalidates the key, so that no further writes to the drive can occur. Suspending the device prior is recommended: dmsetup suspend /dev/to-device dmsetup message /dev/to-device 0 key wipe Thank you for this, wasn't aware of those yet. Does this also work with LUKS encrypted devices? Yes. Well LUKS is just a binary header that contains all the necessary setups for a secure disk encryption. If you don't use LUKS you must do all the steps it does by your self. From kernel point of view it does not see LUKS at all. When cryptsetup setups a LUKS drive in device-mapper it gives it only the portion of the drive behind the LUKS-header. LUKS is just a good way of storing your setup (cipher, master key etc...). There is a really good article about LUKS, but i failed to find it now. When you boot into your kernel you can setup a crash kernel inside your memory. The running kernel will not touch this area so you can be certain that there is no confidential data inside. Then you just wipe the area of the memory of the original kernel after you have executed your crash kernel. So I do this by opening /dev/mem in the crash kernel and then mmap every page you need to wipe. I use the memset to wipe the page. Begin from physical address where your original kernel is located and walk the way up. Skip the portion where you crash kernel is! Crash kernel location is in your kernel cmdline and the location of the original kernel in your kernel config. Hmm.. this goes beyond me. Will need to google on this to see if I can find some more. Unless you know a good starting URL? Didn't find a good one either. Will continue searching. There are many ways to do it though. Through the kernel or just write your own program that runs all by it self... Like memtest86. In its source there is everything you need to wipe the memory. But that is more advanced then doing it via kernel interface in my opinion.. I would keep the system controlling all that off the internet with only a null-modem cable to an internet-connected server using a custom protocol. Anything that doesn't match the protocol initiates a full lock-down of the house. ;) But it is much more convenient to control everything from you phone via internet. Just have everything setup in a secure manner. Anyways it's easier for a common burglar to break the window then to hack the server! And you can not steal the stereos by hacking the server ;) Perhaps, but I would have added security shutters to all the windows and doors which are also controlled by the same system. Smashing a window wouldn't help there. Especially if the only way to open those is by getting the server (which by then went into a full lock-down) to open them... Now only to add a halo fire suppression system to the server room and all you need to do is find a way to dispose of the mess ;) Lol. -M
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 03.06.2014 12:00, schrieb Tanstaafl: So no loss at all if TrueCrypt would really cease to exist. Which totally misses the point of *how* it happened. How it happened is strange and you can make many theories about it. The more interesting question about it for sure is: why did many people trust such an anonymous development team at all?
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Tue, Jun 03, 2014 at 10:53:15PM +0300, Matti Nykyri wrote: On Jun 4, 2014, at 0:05, J. Roeleveld jo...@antarean.org wrote: On Tuesday, June 03, 2014 09:53:58 PM Matti Nykyri wrote: On Jun 2, 2014, at 18:29, J. Roeleveld jo...@antarean.org wrote: I actually meant the software side: - How to wipe the keys and then wipe the whole memory. The dm-crypt module inside kernel provides a crypt_wipe_key function that wipes the memory portion that holds the key. It also invalidates the key, so that no further writes to the drive can occur. Suspending the device prior is recommended: dmsetup suspend /dev/to-device dmsetup message /dev/to-device 0 key wipe Thank you for this, wasn't aware of those yet. Does this also work with LUKS encrypted devices? Yes. Well LUKS is just a binary header that contains all the necessary setups for a secure disk encryption. If you don't use LUKS you must do all the steps it does by your self. From kernel point of view it does not see LUKS at all. When cryptsetup setups a LUKS drive in device-mapper it gives it only the portion of the drive behind the LUKS-header. LUKS is just a good way of storing your setup (cipher, master key etc...). There is a really good article about LUKS, but i failed to find it now. Begin by reading these: tomb.dyne.org/Luks_on_disk_format.pdf http://clemens.endorphin.org/TKS1-draft.pdf http://clemens.endorphin.org/nmihde/nmihde-A4-os.pdf These contain very good info about LUKS and disk encryption. The last one is probably a bit ruff one. http://clemens.endorphin.org/cryptography - a good one. I strongly suggest to dig into disk encryption before implementing it! When you boot into your kernel you can setup a crash kernel inside your memory. The running kernel will not touch this area so you can be certain that there is no confidential data inside. Then you just wipe the area of the memory of the original kernel after you have executed your crash kernel. So I do this by opening /dev/mem in the crash kernel and then mmap every page you need to wipe. I use the memset to wipe the page. Begin from physical address where your original kernel is located and walk the way up. Skip the portion where you crash kernel is! Crash kernel location is in your kernel cmdline and the location of the original kernel in your kernel config. Hmm.. this goes beyond me. Will need to google on this to see if I can find some more. Unless you know a good starting URL? Didn't find a good one either. Will continue searching. Here are few pages: http://naveengopala-embeddedlinux.blogspot.fi/2012/01/reading-physical-mapped-memory-using.html http://stackoverflow.com/questions/647783/direct-memory-access-in-linux and mmap man-page for sure... It is really straight forward... just mmap the page you want and erase it. You will just need to know what addresses to mmap and what not. Do it one page at a time and always align. The memory should not contain very sensitive data on how to access your disks if you wipe the keys. There are many ways to do it though. Through the kernel or just write your own program that runs all by it self... Like memtest86. In its source there is everything you need to wipe the memory. But that is more advanced then doing it via kernel interface in my opinion.. I would keep the system controlling all that off the internet with only a null-modem cable to an internet-connected server using a custom protocol. Anything that doesn't match the protocol initiates a full lock-down of the house. ;) But it is much more convenient to control everything from you phone via internet. Just have everything setup in a secure manner. Anyways it's easier for a common burglar to break the window then to hack the server! And you can not steal the stereos by hacking the server ;) Perhaps, but I would have added security shutters to all the windows and doors which are also controlled by the same system. Smashing a window wouldn't help there. Especially if the only way to open those is by getting the server (which by then went into a full lock-down) to open them... Now only to add a halo fire suppression system to the server room and all you need to do is find a way to dispose of the mess ;) Lol. -M -- -Matti
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Volker Armin Hemmann wrote: Am 01.06.2014 14:31, schrieb Tanstaafl: Wow, I've been mostly offline for a few days, and this morning when playing catch up on the news, learned that Truecrypt, one of my all time favorite apps, is no more. Some links of interest: https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html https://news.ycombinator.com/item?id=7812133 http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1 well, if true: good riddance. But I suspect some hacker-y or power struggle. I'm considering encrypting my home partition one of these days. Given the things that have come out in recent months, back doors and such, what is a good program/software/tool to use that is well . . . secure? Is there such a thing now? Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 02.06.2014 10:22, schrieb Dale: Volker Armin Hemmann wrote: Am 01.06.2014 14:31, schrieb Tanstaafl: Wow, I've been mostly offline for a few days, and this morning when playing catch up on the news, learned that Truecrypt, one of my all time favorite apps, is no more. Some links of interest: https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html https://news.ycombinator.com/item?id=7812133 http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1 well, if true: good riddance. But I suspect some hacker-y or power struggle. I'm considering encrypting my home partition one of these days. Given the things that have come out in recent months, back doors and such, what is a good program/software/tool to use that is well . . . secure? Is there such a thing now? Depends on your needs, for encrypting complete devices/partitions try the kernels dm-crypt/luks module. If you just want to encrypt a directory try encfs, and for file encryption there's openssl and gpg signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote: I'm considering encrypting my home partition one of these days. Given the things that have come out in recent months, back doors and such, what is a good program/software/tool to use that is well . . . secure? Is there such a thing now? Depends on your needs, for encrypting complete devices/partitions try the kernels dm-crypt/luks module. If you just want to encrypt a directory try encfs, and for file encryption there's openssl and gpg Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which needs FUSE, when ecryptfs does the same thing in kernel space? -- Neil Bothwick Blessed be the pessimist for he hath made backups. signature.asc Description: PGP signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 02.06.2014 10:22, schrieb Dale: Volker Armin Hemmann wrote: Am 01.06.2014 14:31, schrieb Tanstaafl: Wow, I've been mostly offline for a few days, and this morning when playing catch up on the news, learned that Truecrypt, one of my all time favorite apps, is no more. Some links of interest: https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html https://news.ycombinator.com/item?id=7812133 http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1 well, if true: good riddance. But I suspect some hacker-y or power struggle. I'm considering encrypting my home partition one of these days. why? if you are hacked, they just read what you are reading. Encryption does not help you there at all. If your box is used by the state against you they just force you to give them the keys. Just rm -rf /home if they a knocking on your door.
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, 02 Jun 2014 11:24:35 +0200, Volker Armin Hemmann wrote: I'm considering encrypting my home partition one of these days. why? if you are hacked, they just read what you are reading. Encryption does not help you there at all. It helps if your computer is stolen. This is more, but not only, relevant to laptops. -- Neil Bothwick Member, National Association For Tagline Assimilators (NAFTA) signature.asc Description: PGP signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Neil Bothwick wrote: On Mon, 02 Jun 2014 11:24:35 +0200, Volker Armin Hemmann wrote: I'm considering encrypting my home partition one of these days. why? if you are hacked, they just read what you are reading. Encryption does not help you there at all. It helps if your computer is stolen. This is more, but not only, relevant to laptops. I admit, I have never used encryption like this before. I am assuming that if I logout of my GUI, then it is encrypted at that point? Once I log back in, it decrypts it again? Am I at least close? I do have a desktop system. No lappy, yet anyway. Maybe one of these days. Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On 02/06/2014 11:48, Dale wrote: Neil Bothwick wrote: On Mon, 02 Jun 2014 11:24:35 +0200, Volker Armin Hemmann wrote: I'm considering encrypting my home partition one of these days. why? if you are hacked, they just read what you are reading. Encryption does not help you there at all. It helps if your computer is stolen. This is more, but not only, relevant to laptops. I admit, I have never used encryption like this before. I am assuming that if I logout of my GUI, then it is encrypted at that point? Once I log back in, it decrypts it again? Am I at least close? All disk encryption works to this general plan: You log in (or boot up), the system asks for a password/key or whatever, then unlocks the encryption used. Reads for the disk are decrypted on the fly, writes are encrypted on the fly. What is on disk is always in an encrypted state. Safety depends on how you set it up - if you use full disk encryption then you must unlock it at boot time. The disk is still readable until you power off or reboot. If you encrypt your home directory then you unlock it when you log in so logging out of your DE safely locks things again. You most likely want the second option, the odds that you have a valid need to protect /usr and /opt are not good. As a regular user out there, the stuff you want to protect is in /home (or you could easily move it to /home). You'd also want to encrypt /tmp and swap as your running apps often write secret stuff there (like ssh and gpg sockets) - that is really just an extension of why you want to encrpyt /home itself I do have a desktop system. No lappy, yet anyway. Maybe one of these days. Dale :-) :-) -- Alan McKinnon alan.mckin...@gmail.com
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On 6/1/2014 1:45 PM, Volker Armin Hemmann volkerar...@googlemail.com wrote: Am 01.06.2014 14:31, schrieb Tanstaafl: Wow, I've been mostly offline for a few days, and this morning when playing catch up on the news, learned that Truecrypt, one of my all time favorite apps, is no more. Some links of interest: https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html https://news.ycombinator.com/item?id=7812133 http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1 well, if true: good riddance. Just because you don't like something doesn't mean it has no value. Yes, on linux, there are much better options, but for windows users, it is (was) the best solution available bar none, and an amazing product. But I suspect some hacker-y or power struggle. Which means you took zero seconds to verify the veracity of the information. Uninformed comments are less than useless. And I forgot that most here are not windows users for whatever reason (some are just elitist pricks, some are purists for philosophical reasons, and some simply don't have to use Windows for a $dayjob. The fact is, Truecrypt is (was) THE GoTo encryption method for purely Windows based systems. I just thought there might actually be some rational people on the list that would like to discuss the ramifications of such a major happening. Guess I was wrong.
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 02.06.2014 11:20, schrieb Neil Bothwick: On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote: I'm considering encrypting my home partition one of these days. Given the things that have come out in recent months, back doors and such, what is a good program/software/tool to use that is well . . . secure? Is there such a thing now? Depends on your needs, for encrypting complete devices/partitions try the kernels dm-crypt/luks module. If you just want to encrypt a directory try encfs, and for file encryption there's openssl and gpg Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which needs FUSE, when ecryptfs does the same thing in kernel space? True, I totally forgot about ecryptfs :-) signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Alan McKinnon wrote: On 02/06/2014 11:48, Dale wrote: I admit, I have never used encryption like this before. I am assuming that if I logout of my GUI, then it is encrypted at that point? Once I log back in, it decrypts it again? Am I at least close? All disk encryption works to this general plan: You log in (or boot up), the system asks for a password/key or whatever, then unlocks the encryption used. Reads for the disk are decrypted on the fly, writes are encrypted on the fly. What is on disk is always in an encrypted state. Safety depends on how you set it up - if you use full disk encryption then you must unlock it at boot time. The disk is still readable until you power off or reboot. If you encrypt your home directory then you unlock it when you log in so logging out of your DE safely locks things again. You most likely want the second option, the odds that you have a valid need to protect /usr and /opt are not good. As a regular user out there, the stuff you want to protect is in /home (or you could easily move it to /home). You'd also want to encrypt /tmp and swap as your running apps often write secret stuff there (like ssh and gpg sockets) - that is really just an extension of why you want to encrpyt /home itself The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. I'll have to get me a new hard drive first tho. I'm going to try and get a 4TB drive at some point and use the current 3TB drive for backups, encrypted to I hope. Thanks for the info. Water is not quite so muddy. Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, Jun 2, 2014 at 6:06 AM, Alan McKinnon alan.mckin...@gmail.com wrote: You log in (or boot up), the system asks for a password/key or whatever, then unlocks the encryption used. The more common approach is to not prompt for a password/key, but instead store it in the TPM using a trusted boot path. This is possible on Linux, but the only distro using it is ChromeOS as far as I'm aware (granted, there are probably more Chromebooks in desktop use these days than all the other distros combined). On Windows this is how just about everybody does it. This is far more convenient as it does not require a password when booting. If you don't trust the person who will be using the machine it is more secure against attacks by the legitimate user (typically in these situations the computer is owned by a corporation, not the end-user). On the other hand, if somebody steals your laptop they can boot it without issue. Then if they have some way to exploit the running OS they can get at the contents of the drive (though the home directory could still be encrypted using the user's password on top of full-disk encryption). For attacks by anybody other than the NSA using the TPM is potentially a lot more secure. Instead of depending on a bunch of rounds of crypto to prevent brute-forcing of a simple password you are depending on the security of the TPM. The TPM can be told to forget the key after a certain number of failed attempts to get at it. If you're worried about the NSA it seems likely that your TPM has a back door for them, but my sense is that if the NSA is THAT determined to get your data there really isn't anything you're going to be able to do about it. Rich
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, 02 Jun 2014 12:06:18 +0200, Alan McKinnon wrote: If you encrypt your home directory then you unlock it when you log in so logging out of your DE safely locks things again. You most likely want the second option, the odds that you have a valid need to protect /usr and /opt are not good. As a regular user out there, the stuff you want to protect is in /home (or you could easily move it to /home). With one notable exception. There is sometimes sensitive information in /etc, like wireless passwords. -- Neil Bothwick Being defeated is a temporary condition. Giving up is what makes it permanent signature.asc Description: PGP signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. -- Neil Bothwick Capt'n! The spellchecker kinna take this abuse! signature.asc Description: PGP signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 02.06.2014 12:22, schrieb Tanstaafl: On 6/1/2014 1:45 PM, Volker Armin Hemmann volkerar...@googlemail.com wrote: Am 01.06.2014 14:31, schrieb Tanstaafl: Wow, I've been mostly offline for a few days, and this morning when playing catch up on the news, learned that Truecrypt, one of my all time favorite apps, is no more. Some links of interest: https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html https://news.ycombinator.com/item?id=7812133 http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1 well, if true: good riddance. Just because you don't like something doesn't mean it has no value. Yes, on linux, there are much better options, but for windows users, it is (was) the best solution available bar none, and an amazing product. no, I mean good riddance of a shady, probably stolen software with unknown devs behind it holding the keys to your data. You should sweat a lot right now. But I suspect some hacker-y or power struggle. Which means you took zero seconds to verify the veracity of the information. Uninformed comments are less than useless. I took a lot of time to gather information. And came to the conclusion mentioned above. But please continue to waste my time with your useless posts on this ml and your overall insulting tone. Oh, you know what, forget it. I am always eager to lower the overall standards of conversation. And I forgot that most here are not windows users for whatever reason (some are just elitist pricks, some are purists for philosophical reasons, and some simply don't have to use Windows for a $dayjob. what does this mangled mess of a sentence has to do with anything? Besides, you forgot: people who just don't like Windows or MacOSX and are happy that they don't have to use that garbage at home. Bad enough that you have to use it at work. The fact is, Truecrypt is (was) THE GoTo encryption method for purely Windows based systems. really? Why? And why should I care? There are many (good) methods. Another one will take over soon. But if I ask any of my 300 co-workers, I am sure that only 3 would know what truecrypt is. I just thought there might actually be some rational people on the list that would like to discuss the ramifications of such a major happening. Guess I was wrong. what 'ramifications'? that a shady software, developed in the shadow, with a strange licence suddenly goes away?
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Neil Bothwick wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. True but just in case they decide to sit down and give it a whirl first, may as well be encrypted. It gives me a shot at least. I access my bank and such on this thing. I'd rather they not get that for sure. That said, my UPS claims it will run for about a hour or so. They could go quite a ways around here in a hour. Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, 02 Jun 2014 06:04:44 -0500, Dale wrote: That said, my UPS claims it will run for about a hour or so. They could go quite a ways around here in a hour. Mine won't last that long, but it does make quite a racket when you disconnect the mains, maybe loud enough to have a thief leave it behind. -- Neil Bothwick Life is a sexually transmitted disease and the mortality rate is 100%. signature.asc Description: PGP signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Monday, June 02, 2014 11:56:24 AM Neil Bothwick wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. You only need a UPS that can keep a machine running for about a few minutes. First start the portable generator, then unplug the UPS from the wall and plug it into the portable generator. Then when in the car/van/truck/... plug it over from the portable generator into a 12V / 24V - 120/240V DC/AC converter and drive to a location where you have the tools to hack into a running machine. Best configure the machine to auto-power-down when it looses connection to a fixed device in your home, like the smart meter, bluetooth headset,... or anything else that has a built-in wireless capability. -- Joost
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Monday, June 02, 2014 12:10:38 PM Neil Bothwick wrote: On Mon, 02 Jun 2014 06:04:44 -0500, Dale wrote: That said, my UPS claims it will run for about a hour or so. They could go quite a ways around here in a hour. Mine won't last that long, but it does make quite a racket when you disconnect the mains, maybe loud enough to have a thief leave it behind. Those alarms are silenced when plugged back into a powersource and usually there is a silence-button on the UPS. -- Joost
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Rich
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Neil Bothwick wrote: On Mon, 02 Jun 2014 06:04:44 -0500, Dale wrote: That said, my UPS claims it will run for about a hour or so. They could go quite a ways around here in a hour. Mine won't last that long, but it does make quite a racket when you disconnect the mains, maybe loud enough to have a thief leave it behind. I have a CyberPower 1350 and it runs quiet. It does have a small fan that comes on when running off the batteries but it's quiet enough. The beeping gets on my nerves tho. My puter only pulls about 150 watts and that is with the router, modem and monitor all running. If they unplug all that except for the puter, then it may run for over a hour. What I should do when I have the puter turned off again is run the power plug through my desk or something in such a way that it would have to be unplugged before moving the puter. Well, I guess they could take the desk to but given the layout of the place, good luck with that. I had to disassemble the desk to get it down the hallway. Gosh, this could get a bit crazy after a while. Thing is, I don't have any trust in the Govt here. It's been questionable for a good long while but now, zip, nada, null etc etc etc. Now to catch those 4TB drives on sale. ;-) Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, Jun 2, 2014 at 5:20 PM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 10:53:51 +0200, Michael Hampicke wrote: I'm considering encrypting my home partition one of these days. Given the things that have come out in recent months, back doors and such, what is a good program/software/tool to use that is well . . . secure? Is there such a thing now? Depends on your needs, for encrypting complete devices/partitions try the kernels dm-crypt/luks module. If you just want to encrypt a directory try encfs, and for file encryption there's openssl and gpg Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which needs FUSE, when ecryptfs does the same thing in kernel space? for dual-boot systems, or simply from the point of system recovery, I find it really attractive that I can, for example, open an encfs filesystem in the other operating system (there's an encfs for windows). Besides, I think the fact that you're doing encryption / decryption on the fly completely overshadows the performance hit from running a userspace filesystem anyways. Also, it's extremely convenient to be able to mount / unmount the encfs on the fly without su, sudo, or messing with fstab, as, for instance, with the case of portable hard disks or usb sticks, where you don't want to automatically unencrypt the contents unless you're prompted for the password. -- This email is:[ ] actionable [x] fyi[ ] social Response needed: [ ] yes [x] up to you [ ] no Time-sensitive: [ ] immediate[ ] soon [x] none
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Hmm... Those are nice, but can be easily built yourself with an off-the-shelf UPS. Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Hmm... add something to auto-shutdown the computer when a hotplug event occurs on any of the internal ports and remove support for unused ports from the kernel. I wonder how they'd keep a computer from initiating a shutdown procedure or causing a kernel panic when it looses (wireless) connection to another device that is unlikely to be moved when powered up? -- Joost
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Rich Freeman wrote: If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Rich Now that is wicked. Like I said, this could get crazy. ROFL Thing is, with Linux, it could be set up to run a script so that if say the keyboard/mouse/some other device is removed, it runs shutdown. It seems the biggest thing as for as Govt goes, having it do something they can't anticipate it doing that locks things down or does a rm -rfv /* or some other nasty command. I might add, on a older rig I tried that command once. I ran rm -rfv /* and it didn't erase everything like I thought it would. I figured the command would be loaded in ram and would run until the end of the / structure. It didn't. I can't recall how far it got now but I think it was in the /proc directory. I figure it deleted the process and sort of forgot to finish. It's been a while since I did that tho. Details are fuzzy. Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Hmm... Those are nice, but can be easily built yourself with an off-the-shelf UPS. Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Hmm... add something to auto-shutdown the computer when a hotplug event occurs on any of the internal ports and remove support for unused ports from the kernel. I wonder how they'd keep a computer from initiating a shutdown procedure or causing a kernel panic when it looses (wireless) connection to another device that is unlikely to be moved when powered up? Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. Swap uses random keys. network switches and routers get power only after firewall-server is up and running. There is no easy way to enter the room without wipeing the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent some one to tamper eith a boot loader. System is not protected against hardware tamperment. The server room is an RF-cage. I consoder this setup quite secure. -- -Matti
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, 2 Jun 2014 19:34:40 +0800, Mark David Dumlao wrote: Definitely dm-crypt/LUKS for partitions/devices, but why use encfs which needs FUSE, when ecryptfs does the same thing in kernel space? for dual-boot systems, or simply from the point of system recovery, I find it really attractive that I can, for example, open an encfs filesystem in the other operating system (there's an encfs for windows). I don't use Windows, so my other operating system is usually System Rescue Cd :) Besides, I think the fact that you're doing encryption / decryption on the fly completely overshadows the performance hit from running a userspace filesystem anyways. Or adds to it... Also, it's extremely convenient to be able to mount / unmount the encfs on the fly without su, sudo, or messing with fstab, as, for instance, with the case of portable hard disks or usb sticks, where you don't want to automatically unencrypt the contents unless you're prompted for the password. AFAIR ecryptfs doesn't require root privileges. -- Neil Bothwick Anyone able to feel pain is trainable. signature.asc Description: PGP signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
I might add, on a older rig I tried that command once. I ran rm -rfv /* and it didn't erase everything like I thought it would. I figured the command would be loaded in ram and would run until the end of the / structure. It didn't. I can't recall how far it got now but I think it was in the /proc directory. I figure it deleted the process and sort of forgot to finish. It's been a while since I did that tho. Details are fuzzy. # rm -rfv / rm: it is dangerous to operate recursively on ‘/’ rm: use --no-preserve-root to override this failsafe # rm -rfv --no-preserve-root / ** deletes lots of stuff** ** cannot delete in /proc ** ** cannot delete in /sys ** ** deletes more stuff ** ** finshed with status 0 ** System broken :-) Don't worry, it was only a virtual machine. signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Jun 2, 2014, at 15:06, Dale rdalek1...@gmail.com wrote: Rich Freeman wrote: If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Rich Now that is wicked. Like I said, this could get crazy. ROFL Thing is, with Linux, it could be set up to run a script so that if say the keyboard/mouse/some other device is removed, it runs shutdown. It seems the biggest thing as for as Govt goes, having it do something they can't anticipate it doing that locks things down or does a rm -rfv /* or some other nasty command. I might add, on a older rig I tried that command once. I ran rm -rfv /* and it didn't erase everything like I thought it would. I figured the command would be loaded in ram and would run until the end of the / structure. It didn't. I can't recall how far it got now but I think it was in the /proc directory. I figure it deleted the process and sort of forgot to finish. It's been a while since I did that tho. Details are fuzzy. Well rm does not remove anything. It just unlinks the data. If you use journalling fs, everithing is recoverable from journal easily. And even without the journal you will easily get most of the data. dd if=/dev/zero of=/dev/your-root-drive bs=4096 This will wipe data so that it is quite hard to retrive it. Retriving would require opening the drive, etc... -- -Matti
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Le 2014-06-02 13:23, Matti Nykyri a écrit : On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. Swap uses random keys. network switches and routers get power only after firewall-server is up and running. There is no easy way to enter the room without wipeing the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent some one to tamper eith a boot loader. System is not protected against hardware tamperment. The server room is an RF-cage. I consoder this setup quite secure. It's nice to encrypt and wipe things automatically, but what about the backups?
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote: On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Hmm... Those are nice, but can be easily built yourself with an off-the-shelf UPS. Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Hmm... add something to auto-shutdown the computer when a hotplug event occurs on any of the internal ports and remove support for unused ports from the kernel. I wonder how they'd keep a computer from initiating a shutdown procedure or causing a kernel panic when it looses (wireless) connection to another device that is unlikely to be moved when powered up? Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. You don't happen to have a howto on how to set that up? Swap uses random keys. network switches and routers get power only after firewall-server is up and running. networked powersockets? There is no easy way to enter the room without wipeing the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent some one to tamper eith a boot loader. System is not protected against hardware tamperment. The server room is an RF-cage. I consoder this setup quite secure. Makes me wonder what it is you are protecting your server from. :) -- Joost
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Jun 2, 2014, at 15:36, godzil god...@godzil.net wrote: Le 2014-06-02 13:23, Matti Nykyri a écrit : On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. Swap uses random keys. network switches and routers get power only after firewall-server is up and running. There is no easy way to enter the room without wipeing the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent some one to tamper eith a boot loader. System is not protected against hardware tamperment. The server room is an RF-cage. I consoder this setup quite secure. It's nice to encrypt and wipe things automatically, but what about the backups? Well i have backups on their own drive with its own keys. I have backups of the keys in another location. The drives are LUKS drivers with detached LUKS info. -- -Matti
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Jun 2, 2014, at 17:52, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote: On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Hmm... Those are nice, but can be easily built yourself with an off-the-shelf UPS. Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Hmm... add something to auto-shutdown the computer when a hotplug event occurs on any of the internal ports and remove support for unused ports from the kernel. I wonder how they'd keep a computer from initiating a shutdown procedure or causing a kernel panic when it looses (wireless) connection to another device that is unlikely to be moved when powered up? Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. You don't happen to have a howto on how to set that up? Well i have a deamon running and a self made logic device in COM-port. Very simple. It has a single serial-parallel converter to do simple IO. Currently it just controls one relay that powers the network-devices. Swap uses random keys. network switches and routers get power only after firewall-server is up and running. networked powersockets? A normal logic port and a transistor and then relay that controls power to the sockets of the network-devices :) There is no easy way to enter the room without wipeing the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent some one to tamper eith a boot loader. System is not protected against hardware tamperment. The server room is an RF-cage. I consoder this setup quite secure. Makes me wonder what it is you are protecting your server from. :) Well just a hobby. I wanted to play with electronics. The server controls my heating, locks of the house, lights, airconditioning, fire-alarm and burglar-alarm. Gentoo-powered house... -- -Matti
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Mon, Jun 2, 2014 at 8:06 AM, Dale rdalek1...@gmail.com wrote: Now that is wicked. Like I said, this could get crazy. Meh. I don't encrypt my disks for desktops at home. My Chromebook comes encrypted out-of-the-box (no doubt the NSA can have it unlocked on request). If I had any other laptops I'd probably use full-disk encryption of some kind on it. My threat model for disk encryption is that somebody steals my laptop and wants to rummage for passwords/credit card numbers/etc. If they stole my desktop they'd probably give up when they find the data is stored on btrfs in raid1 mode, and even the vanilla ext4 backup disk probably would deter them, but if they're stealing my desktop they're probably stealing my passport, birth certificates, and all that other good stuff anyway. As far as the NSA sending Ninjas through the windows goes, I really see the threat there as having two levels. One is that the NSA does pervasive monitoring of virtually everything they can get their hands on to look for trends/etc. The other is that the NSA has a specific interest in you, for whatever reason. For general NSA monitoring simply using https/TLS/etc is about as good as you're going to get. Chances are they aren't interested in attacking your PC due to the economics of it, and if they use zero-days widely there is a risk of them being detected (and thus the bug they exploit gets fixed and they have to find another). They probably read any unencrypted packets that go through a router at any of the big choke points - probably a substantial part of the total volume crossing the internet. They probably do not store most of that data - they look for whatever they look for and discard the rest. They probably have root on major service provider networks (either with or without cooperation), so they're reading your Gmail/Facebook/etc, so they really don't care if you use https to connect to those services. If you're a target of interest then the gloves come off, depending on just how interesting you are. Most likely you're going to be targeted for a remote exploit with professional management of a rootkit on your devices. All your network traffic might be captured and retained. If you're really interesting they might send the ninjas at night. You get all those nice value-added-services like pre-installed rootkits in any hardware you buy, probably from any vendor as long as it passes through a country that is US-friendly (which is just about everywhere). If you're looking to evade general monitoring your best bet is to not communicate with anybody who isn't as paranoid as you are. You probably should refrain from posting on lists like this one, as they are recording the people you correspond with to determine what sort of person you are. Honestly, you're best off not using the Internet at all, since there isn't anybody you can talk to who won't leak everything to the NSA unwittingly. However, the reality is that most of us are pretty boring, so the NSA probably doesn't care what we do. If you're looking to evade specific monitoring then I don't know what to tell you. They targeted the Iranian uranium enrichment program and that was behind a sneakernet. I suspect that they have different levels of effort for various targets. For example, Snowden revealed that the NSA looks to root boxes belonging to sysadmins who have access to services they're interested in - so if they wanted to poke around on the Gentoo forum logs to find IPs they might look to root members of infra, even though the members of infra aren't of interest otherwise. I run a tor relay and I wouldn't be surprised if they rooted my box as a result - rooting all the tor relays would allow them to de-anonymize tor completely. Sure, you can wire up the door to drop your server in a vat of acid, but that doesn't help if they have a zero-day for your server. Honestly, I just don't worry about it. If they want to root me, I doubt worrying about it is going to change anything. I'd rather if they didn't, or if they are going to do it anyway I wish that I could just ask them to send me a copy of my data so that I could stop worrying about running my own backups. Rich
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Monday, June 02, 2014 04:23:07 PM Matti Nykyri wrote: On Jun 2, 2014, at 17:52, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote: On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Hmm... Those are nice, but can be easily built yourself with an off-the-shelf UPS. Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Hmm... add something to auto-shutdown the computer when a hotplug event occurs on any of the internal ports and remove support for unused ports from the kernel. I wonder how they'd keep a computer from initiating a shutdown procedure or causing a kernel panic when it looses (wireless) connection to another device that is unlikely to be moved when powered up? Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. You don't happen to have a howto on how to set that up? Well i have a deamon running and a self made logic device in COM-port. Very simple. It has a single serial-parallel converter to do simple IO. Currently it just controls one relay that powers the network-devices. I actually meant the software side: - How to wipe the keys and then wipe the whole memory. I consoder this setup quite secure. Makes me wonder what it is you are protecting your server from. :) Well just a hobby. I wanted to play with electronics. The server controls my heating, locks of the house, lights, airconditioning, fire-alarm and burglar-alarm. Gentoo-powered house... I would keep the system controlling all that off the internet with only a null-modem cable to an internet-connected server using a custom protocol. Anything that doesn't match the protocol initiates a full lock-down of the house. ;) -- Joost
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
So you backup on harddrive, not tape and theses are not incremental backups. But my question about backup was not only for you but for all that encrypt their servers. The backup part is generally the weakest point. Le 2014-06-02 13:58, Matti Nykyri a écrit : On Jun 2, 2014, at 15:36, godzil god...@godzil.net wrote: Le 2014-06-02 13:23, Matti Nykyri a écrit : On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. Swap uses random keys. network switches and routers get power only after firewall-server is up and running. There is no easy way to enter the room without wipeing the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent some one to tamper eith a boot loader. System is not protected against hardware tamperment. The server room is an RF-cage. I consoder this setup quite secure. It's nice to encrypt and wipe things automatically, but what about the backups? Well i have backups on their own drive with its own keys. I have backups of the keys in another location. The drives are LUKS drivers with detached LUKS info.
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 02.06.2014 12:56, schrieb Neil Bothwick: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. if they go so far to steal his box, they will probably be willing to use some rubber hose attacks to break the key...
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 02.06.2014 13:28, schrieb Rich Freeman: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ only works with sockets of unsafe design - aka american stuff. Can not be used with Schuko sockets.
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
On Monday, June 02, 2014 07:14:27 PM Volker Armin Hemmann wrote: Am 02.06.2014 13:28, schrieb Rich Freeman: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ only works with sockets of unsafe design - aka american stuff. Can not be used with Schuko sockets. Actually, it can be used with Schuko sockets, just a bit risky... 1) Strip the wire 2) split off the power wires 3) plug the powersupply directly onto the core of the cable. 4) unplug from the wall -- Joost
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 02.06.2014 16:52, schrieb J. Roeleveld: On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote: On Jun 2, 2014, at 16:40, J. Roeleveld jo...@antarean.org wrote: On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote: On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote: The second option does sound what I am looking for. Basically, if I log out but leave my computer on, leave home, some crook/NSA type breaks in and tries to access something or steals my whole puter, they would just get garbage for data. That seems to fit the second option best. If they steal your computer they will have to power it off, unless you are kind enough to leave them a large enough UPS to steal along with it, so any encryption will be equally effective. If you're worried about casual thieves then just about any kind of properly-implemented encryption will stop them. If you're worried about a government official specifically tasked with retrieving your computer, my understanding is that it is SOP these days to retrieve your computer without powering it off for just this reason. They won't use your UPS to do it. Typically they remove the plug just far enough to expose the prongs, slide in a connector that connects it to a UPS, and then they pull it out the rest of the way now powered by the UPS. See something like: http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/ Hmm... Those are nice, but can be easily built yourself with an off-the-shelf UPS. Presumably somebody who is determined will also have the means to retrieve the contents of RAM once they seize your computer. Besides directlly accessing the memory bus I think most motherboards are not designed to be secure against attacks from PCI/firewire/etc. Hmm... add something to auto-shutdown the computer when a hotplug event occurs on any of the internal ports and remove support for unused ports from the kernel. I wonder how they'd keep a computer from initiating a shutdown procedure or causing a kernel panic when it looses (wireless) connection to another device that is unlikely to be moved when powered up? Well i have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug memory will stay in its state for an unspecified time. You don't happen to have a howto on how to set that up? Swap uses random keys. network switches and routers get power only after firewall-server is up and running. networked powersockets? There is no easy way to enter the room without wipeing the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent some one to tamper eith a boot loader. System is not protected against hardware tamperment. The server room is an RF-cage. I consoder this setup quite secure. Makes me wonder what it is you are protecting your server from. :) some people really want to hide their porn collection. No, I don't know what is in that black aluminium case. Yeah, lost the keys a long time ago. No, I don't want to throw it away, the plant looks so nice on it ...
Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen t his discussed here yet?
Am 01.06.2014 14:31, schrieb Tanstaafl: Wow, I've been mostly offline for a few days, and this morning when playing catch up on the news, learned that Truecrypt, one of my all time favorite apps, is no more. Some links of interest: https://www.schneier.com/blog/archives/2014/05/truecrypt_wtf.html https://news.ycombinator.com/item?id=7812133 http://community.spiceworks.com/topic/505372-truecrypt-is-dead?page=1 well, if true: good riddance. But I suspect some hacker-y or power struggle.
