The function of encrypted disks is twofold. One is that, assuming an "evil
maid" multi-visit attack is not the issue, it protects data in the event of a
police raid or "burglary." The second is that recovery and failure to penetrate
one such encrypted computer deters future raids and "burglaries," on grounds of
limited manpower and resources. People don't fish in places where the fish
don't bite. Doesn't work all the time, but as part of "defense in depth" it
helps a LOT. They sure as hell never made another attempt to get computer
information from me.
There is a serious privacy concern in Ubuntu, hopefully not in Ubuntustudio by
default: Zeitgeist, which so far lacks controls to turn off logging. I remove it,
accept that Unity's menus won't work at all, and turn ~/.recently-used.xbel
into a directory. This both protects people I give an unencrypted build of the
OS I use (because they don't want to be bothered with memorizing a secure
passphrase) and removes a file of great use to a skilled attacker if one finds
a way to read it online.
The other factors you mention are beyond the scope of a default OS install for
the most part. I will now discuss some of the measures that are used with
encryption when it is necessary to presume that a national government and not
just a local police department is the opposition. One should always prepare as
though the most capable adversary they will face will be the opponent. I will
now discuss encryption and computer "tradecraft" for this level:
CRT monitors should never be used where security is an issue, their RF
radiation is far too strong. In rural areas where you can control a large space
and move back the listening post (LP), RF signals travel a hell of a long way.
In urban areas they die really fast-but the LP could literally be on the other
side of the wall, so that's a wash. In the US, the codeword for the defense
against this mode of attack is "TEMPEST" and a tempested installation is one
that is RF shielded, by shielding the room, the installation, or both against
RF leakage. In the real world, RF chokes on power and other leads, an LED
monitor, a case with NO plastic panels lacking metal backings, and reportedly
not using analog VGA cables to the monitor all reduce RF leakage and force the
LP to be much closer and more easily detected. I've never heard of a TEMPEST
attack being successfully used by the FBI against any activist in the US. If they
have it and don't want to admit to it, the data becomes far less useful.
ISP and phone snooping is another matter. No connection registered to the user
by a real name is safe, no home connection is safe, even wireless broadband
with GPS jammed and prepaid with fake personal info could be triangulated and
the right house guessed-or ALL houses in the triangulation zone raided in some
countries or low density areas. Assume your carrier copies everything you do
and keeps it forever. Use SSL for any site that supports it. Presumably
intelligence agencies can crack it, but Carnivore cannot, and neither can your
ISP. What your ISP cannot read, they cannot pass on to the FBI, the secret
police, or whoever.
Just using Ubuntu instead of an Android or iOS smartphone and using it on the
road is a big start, because the latter two OS's have been revealed to often
contain commercial spyware called "CarrierIQ" that reports back URL's visited,
etc to the carriers. Once there, the security forces have access to it. Then we
can get into MAC address spoofing, disposable external USB wifi cards on the
hardware side, and site selection on the user side.
I would not worry about raw video files being copied over the Internet, that
requires more bandwidth than most connections have. I suppose the FBI could
order a cable provider to give them a fast connection into someone's system
though. Raw photos this might be possible, same for text. Monitor your
bandwidth, watch for suspicious activity or processes.
The "evil maid" boot keylogger attack is harder to implement against Ubuntu
than against Truecrypt, as everyone's initramfs is a little different and the
attack script will have to generate it locally without access to
/etc/initramfs-tools, just the existing initramfs. There are no published
reports of any intelligence service using this in the field, if this is an
issue keeping /boot on a flash drive on your physical keyring makes this
attack impossible without access to that keyring.
The real dangers, assuming you use disk encryption, are these:
1: ANY unencrypted email on ANY server containing information that cannot be
told to a cop and a reporter at the same time.
2: A poorly-motivated member of the crew with custody of important information
snitching under pressure-NEVER share passphrases between users!
3: Weak passphrases vulnerable to dictionary or published-writing attacks,
widely used by the Secret Service.
4: Smudges left on touch screens from password entry-this is a known and
published form of pass-pattern recovery.
5: Using public access wifi without consideration for the locations of
security cameras, or using the same site repeatedly for secure work.
6: Logging into personal email or social networking from any location while
doing secure work.
7: Browsers that snoop: Chrome or Chromium without turning off the spyware, ANY
browser in its default settings.
8: THE WORST OFFENDER: Facebook! Don't use it at all.
9: Google. They keep EVERYTHING, always use Tor and/or the Scroogle anonymizer
to reach them.
> Subject: Re: RE Re: Ubuntu ISO Testing team: New buildnotification-why
> encryption support is needed
> Message-ID: <op.v5uuiwdrqhadp0@suse11-2>
> Content-Type: text/plain; charset=iso-8859-1; format=flowed; delsp=yes
>
> Note, at least if you are using a CRT, no disc encryption isn't your
> biggest issue, since everybody able to use an antenna, is able to see
> everything on your screen from the house from the other side of the road.
>
> "Explicit" anarchistic data has no place on a computer. Encryption is
> completely safe. No intelligence service is able to do refactoring of
> primes, assumed the encryption avoids pseudo-primes, such as some Fermat
> numbers.
>
> The weak spot is the computer in general, there are several ways to spy,
> if a computer is used.
>
> Anyway, I agree that for states like China, encryption of discs is
> important, for western countries we need other methods to be more safe,
> assumed the data is explicit-explicit anarchistic. Writing about weed to
> e.g. some southern states in the USA, you only need 1024 encryption for
> your mails.
>
> Note, anonymous surfing and mailing isn't safe, if everybody is able to
> get access to e.g. your two telephone cables.
>
> 2 cents,
>
> Ralf
>
>