On Mon, Jan 06, 2014 at 22:01:56 CET, R3s1stanc3 wrote: > > Hi > today I read this post by the developers of Kali Linux: > http://www.kali.org/how-to/emergency-self-destruction-luks-kali/ > > I think, this is a really great feature and should be officially added > to the cryptsetup source. > So I wrote Milan and he told me, that there would be no additional > security, because an "attacker will simple first backup header and then > use this (or will use key from memory if device is mounted)." And he is right. There are border-cases though: If you, for example, cross the border of some unnamed but well-known states and they ask you to unlock your LUKS container (a low/no-suspicion situation; on medium and above suspicion they will already mirror your disk first), entering your nuke password will make you unable to do so. Now, have you won or lost? You have lost. First, they will arrest you because you fail to unlock your computer. If you are unlucky, they will find the nuke-patch or its effects and suspect you of having nuked the container (and maybe find out that you indeed did). Then they will not only hold you for deportation, but maybe a few years imprisonment first for "destroying evidence". Or maybe a long time without trial for being a "terrorist suspect". If you do this on an SSD, all data may still be there anyways. If they look at this stuff on medium or higher suspicion and find the nuke-password option, then you may be screwed in a similar fashion, just because of this. So, no, this does not add security, but it can get you into really bad trouble, including a significant time in prison. (Yes, it should not, but authoritarian regimes do not have laws based on ethics or benefit to its citizens. They have sbverted the idea of "the law" to make it an effective instrument of oppression, i.e., a weapon against ordinary people. This tendency can now be observed in the western world in several places.) My advice for the use-case "border crossing" is to not have encrypted data or suspicious data of any kind in the first place. If you have encrypted data, immediately and without question, allow them access to it. If you need confidental data in such a situation, download it later over the net, PGP/GnuPG is still out of the TLA's ability to break is the passphrase is good. > He also told me to move the discussion to the mailinglist and if we > would find some valuable use case, they would think about it. > So now I'm here > In my opinion, a valuable use case would be the following case: > If you got the possibility to access your computer for a few seconds, > before an attacker does, you simply could enter your nuke password and > delete the luks header. This would be much faster, than entering your > real password, booting your system and deleting the header, using the > system's tools > > Are there any other ideas of valuable use cases? That is not an use case. That is merely a description of a technical situation. A use-case needs a credible real-world situation of some detail, see my border-crossing example. It is just way to easy to come up with higly abstracted technical situations that do not have any real-world equivalent or are missing important real-world aspects, such as effects from using the technical feature. And, yes, this has been discussed time and again, without ever finding a situation where it helps and quite a few where it harms. I will add an FAQ entry for this, I think. But please, feel free to try for any real-world use-cases. If there are any credible ones, I will add them to the FAQ entry as well. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
