Mr. Leininger:

Now this idea has some merit! How would one make such a CD? For me, I would wish such a CD to have both a patched version of the Kernel as well as being inclusive of loop-aes code. Any ideas what the design specifications for such a disc would be? I have never made even an unencrypted bootable CD for Linux, but would love to know how to do so, for purposes of protecting my files and forcing an encrypted boot environment.

Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
Beverly Hills, California
VTU 1904G (Volunteer Training Unit)
stuart@xxxxxxxxxxx
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859
Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Saturday, October 06, 2001 9:44 AM

-----Original Message-----
From: owner-linux-crypto@xxxxxxxxxxxx [mailto:owner-linux-crypto@xxxxxxxxxxxx]On Behalf Of Hank Leininger
Sent: Saturday, October 06, 2001 9:45 AM
To: linux-crypto@xxxxxxxxxxxx
Subject: Re: encrypting the whole disk / all the data

On 2001-10-05, Marc Mutz <Marc.Mutz@xxxxxxxxxxxxxxxx> wrote:

> On Friday 05 October 2001 05:07, Antti Koskimäki wrote:
> > Simple question: How do I guarantee that not a single bit of my
> > essential data is written non-crypted on my Linux (laptop-)box ?
[snip]
> > Then root-filesystem.
> What for? Multiple GB's of almost-known plaintext encrypted under a
> single key just makes it easier for an attacker. You should only
> encrypt what's secret. Your /usr surely isn't!
Not speaking for Antti, but I'm concerned not just with "someone could steal the hard drive out of my laptop" but also "someone could steal the hard drive out of my laptop, trojan some important binaries in any non-encrypted partitions I have, then put it back, waiting for me to use it again and leak key material, run privileged tools while the encrypted filesystems are mounted, etc, and then steal it again."

To provide at least some protection from that, you need some assurance of the integrity of, basically, everything. Plaintext /boot and encrypted everything else still isn't good enough, as the kernel / initrd could be swapped out by a malicious party.

So, boot off a write-once CDROM with your handwriting on it (and/or which you carry separate from the laptop--the business-card CDs would be good for this) and encrypt *everything* on the hard drive. Wouldn't hurt to also do fscks and md5sum checking of system binaries after the hard drive is losetup, too, since though they may not be able to do much they can surely scribble over things.

--
Hank Leininger <hlein@xxxxxxxxxxxxxxxxxxxx>

Then, of course, you're still trusting your BIOS, keyboard, EM radiation...

Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
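
The checksum step suggested in the quoted message (verifying system binaries once the encrypted disk is set up), as an added example that is not part of the original thread. It assumes a manifest generated on a known-good system and kept on the read-only boot CD, uses sha256sum in place of the md5sum named in the mail, and also reports added files, which a plain checksum check cannot see; `make_manifest` and `verify_tree` are hypothetical names.

```shell
#!/bin/sh
# Added example; make_manifest and verify_tree are hypothetical helper names.
# Assumes file names without newlines or backslashes.

# make_manifest ROOT   -> writes "hash  ./path" lines to stdout.
# Run on a known-good system and burn the result onto the boot CD.
make_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 )
}

# verify_tree ROOT MANIFEST
# Prints one line per discrepancy. Returns 0 if the tree matches the
# manifest exactly, 1 on any difference, 2 on a usage error.
verify_tree() {
    root=$1; manifest=$2; rc=0
    [ -d "$root" ] && [ -r "$manifest" ] || return 2
    work=$(mktemp -d) || return 2

    # Changed or missing files: everything sha256sum -c does not report as OK.
    ( cd "$root" && sha256sum -c - 2>/dev/null ) < "$manifest" \
        | grep -v ': OK$' > "$work/bad" || :
    if [ -s "$work/bad" ]; then rc=1; sed 's/^/MISMATCH /' "$work/bad"; fi

    # Added files: on disk but not in the manifest (sha256sum -c cannot see these).
    # The path starts at column 67: 64 hex digits plus a two-character separator.
    cut -c 67- "$manifest" | LC_ALL=C sort > "$work/expected"
    ( cd "$root" && find . -type f | LC_ALL=C sort ) > "$work/actual"
    LC_ALL=C comm -13 "$work/expected" "$work/actual" > "$work/added"
    if [ -s "$work/added" ]; then rc=1; sed 's/^/ADDED /' "$work/added"; fi

    rm -rf "$work"
    return "$rc"
}
```

The check is only as trustworthy as the environment running it, so both the manifest and the sha256sum binary should come from the CD rather than from the disk being verified.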