On Wed, Apr 14, 2010 at 08:42:58PM +0200, Olivier Sessink wrote: > Arno Wagner wrote: > > > Maybe tell us a bit more about your scenario? > > - the hardware is not under our control, Ok, I see your problem. > - the users are only slightly security aware > - a bootable USB stick is provided to the users, which has everything > encrypted (except for /boot for obvious reasons) Ok, so basically open, but it takes a bit of effort to get it open, namely to capture the passphrase. > because the hardware is not under our control we won't get 100% security > (I don't believe in 100% security anyway). So we try to avoid the most > common threats (most of them cybercrime related). Software botnets, > trojans etc. on the computer are defeated because we boot the hardware > from our own image. I think most of our users are enough security aware > that they should keep the USB stick secured (but I'm afraid not all of > them, so modifications to /boot is an issue). And a modified /boot will basically result in a broken system. > But physical attacks like security camera's, keyloggers etc. are still > possible. So we try to make them harder. I don't think our users are > enough security aware to detect a hardware keylogger (they won't even > notice that the usb plug is slightly larger than normal). That's why a > virtual keyboard would make things harder. Well, while I do not really think the virtual keyboard will help to a larger degree, it may still raise security a bit. In order to implement it, implement a virtual keyboard (e.g. using TK with Perl/Python) and have it give the passphrase to cryptsetup. Integrating a virtual keyboard into cryptsetup is really not the UNIX way and very bad software design, as it increases complexity significantly without need. The virtual keyboard should be a separate tool. What I do not see in the current cryptsetup though, is an option to read the passphrase from stdin, file or named pipe. That would be a reasonable extension IMO. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
