-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Uwe Menges wrote: > This is always the case if the LUKS volume is decrypted, with or without > the mechanism. Depends on the initramfs. The one I use for testing has it as part of busybox. > So the mechanism is only for... what? Basically it needs a locked state > and someone entering the destruct code. Yes. That's how I did it. Basically, I wanted to be able to say "Hey, you don't want to do that, the drive's flaky... whoops, you killed the drive. Told 'ya." > Bruteforce attacks will be done on copies, with a mechanism independant > from your kernel's variant of LUKS, so the destruct sequence doesn't > trigger. When the attack assumes a highly motivated, reasonably skilled, and probably decently funded attacker, that is correct. That is not the scenario I was usingwhen I did this, which was "Let's gank this guy for his research. We can make money off of it." > When being forced to unlock the system, such a mechanism could only > remove the option to get away by unlocking it. If you have attacker that > will beat you up for the contents, this leaves you with the worst case > that you can also choose by refusing to unlock. If I do give them the passphrase, what's to keep them from doing the same thing to keep me quiet? What's to keep them from killing me to keep me quiet? If someone's trying to get hold of my laptop I don't trust them to just let me go after they've copied $HOME. It seems like a lose-lose scenario for me no matter what. > If you need to wipe the LUKS header without the running system, you > could also use livecd or dban for wiping. Attacker rolls in, sees the DBAN screen, and shoots me out of spite. I still lose. > http://xkcd.com/538/ I have that one printed out and hanging above my display and I'm well aware of what you're saying. The reason I never published that /init script is because it wouldn't be reasonable for anyone to make use of it; there are better ways of accomplishing the same thing, such as not even having sensitive data on the laptop when traveling. - -- Eric Grejda - Security Engineer, the Prometheus Group PGP: 3651F89F / D04B D4D0 E5E2 5746 7CB7 05CA 1C92 4610 3651 F89F -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpgcfQACgkQHJJGEDZR+J/ELACcCkuNdqVkV21JvbRWLZGn5wRn QIAAnibEX2zRcMYy8+UfSkV6NIp2TA5b =S6+1 -----END PGP SIGNATURE----- --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
