Re: Putting the "NSA Data Overwrite Standard" Legend to Death... (fwd)
at Monday, February 10, 2003 3:20 AM, Jim Choate <ravage@einstein.ssz.com> was seen to say:
On Sun, 9 Feb 2003, Sunder wrote:
The OS doesn't boot until you type in your passphrase, plug in your USB fob, etc. and allow it to read the key. Like, Duh! You know, you really ought to stop smoking crack. Spin doctor bullshit, you're not addressing the issue which is the mounting of an encrypted partition -before- the OS loads (eg lilo, which by the way doesn't really 'mount' a partition, encrypted or otherwise - it just follows a vector to a boot image that gets dumped into ram and the cpu gets a vector to execute it - one would hope it was the -intended- OS or fs de-encryption algorithm). What does that do? Nothing (unless you're the attacker). indeed. it usually boots a kernel image with whatever modules are required to get the main system up and running;
There are two and only two general applications for such an approach. A standard workstation which isn't used unless there is a warm body handy. The other being a server which one doesn't want to -reboot- without human intervention. Both imply that the physical site is -secure-, that is the weakness to all the current software solutions along this line. The solution is only applicable to cold or moderately tamper-proofed systems, to prevent analysis of such systems if confiscated. It can only become a serious component in an overall scheme, but this is universally true - there is no magic shield you can fit to *anything* to solve all ills; this will add protection against the specified attacks and in fact already exists for windows (drivecrypt pluspack) - it is just non-windoze platforms that lack a product in this area.
On Monday, February 10, 2003, at 03:25 AM, David Howe wrote:
The solution is only applicable to cold or moderately tamper-proofed systems, to prevent analysis of such systems if confiscated. It can only become a serious component in an overall scheme, but this is universally true - there is no magic shield you can fit to *anything* to solve all ills; this will add protection against the specified attacks and in fact already exists for windows (drivecrypt pluspack) - it is just non-windoze platforms that lack a product in this area.
With USAPATRIOT and HOMESEC REICHSPROTEKTION acts authorizing black bag jobs, break-ins, planting of evidence, keystroke-logging, administrative rubber-stamp warrants (no judge, just a GS-8 or higher saying "Go for it!'), it's time to revisit the issue of trap guns and booby traps. How about an audio warning to computer tamperers? "You have 10 seconds to clear the area before this computer detonates." Then, at the nearest door or sliding glass window, a rigged shotgun to decapitate those furiously trying to escape. (For safety reasons, interlock the shotgun or detcord with the alarms on the computer.) I expect the increase in black bag entries and break-ins is going to produce a few major court cases soon. What happens when a homeowner surprises a covert entry team in his house and a gunfight ensue? (With no warrant being shown to the homeowner, he cannot be said to have knowledge (scienter) that the apparent burglars or home invaders were actually "authorized.") A similar theme was in the Cypherpunks-required film "Arlington Road" a few years back. (Check your video store, though I don't see it often on cable or in the DVD bins, so it may have been deemed by the studio to be too close to the truth for public consumption.) A so-called "white power" compound is being trespassed-upon by BATFags and narcs, sneaking up on the compound without display of a search or arrest warrant. The residents think they are being attacked and start shooting. Many agents die. (Of course, at the end of "Arlington Road" even more evil doers are eradicated. Recommended before a trip to the desert to shoot.) --Tim May "That the said Constitution shall never be construed to authorize Congress to infringe the just liberty of the press or the rights of conscience; or to prevent the people of the United States who are peaceable citizens from keeping their own arms." --Samuel Adams
Tim writes:
With USAPATRIOT and HOMESEC REICHSPROTEKTION acts authorizing black bag jobs, break-ins, planting of evidence, keystroke-logging, administrative rubber-stamp warrants (no judge, just a GS-8 or higher saying "Go for it!'), it's time to revisit the issue of trap guns and booby traps.
Coincidentally, the news this morning reports on a home invasion in which a homeowner shot dead two of three members of an assault team that smashed into his condo and began firing. Details on the identities of the perps are being withheld from the news media pending further "investigation." http://www.dfw.com/mld/startelegram/news/local/states/texas/5021327.htm ----- Resident kills 2 condo intruders By Bill Miller Star-Telegram Dallas Bureau DALLAS - Gunfire erupted early Thursday morning when three men armed with pistols burst into a north Dallas condominium. Two of the intruders died when a resident returned fire, police said. Details were sketchy Thursday as Dallas homicide detectives investigated the shooting at the Kensington Square Apartments in the 15800 block of Knoll Trail Drive, just east of the North Dallas Tollway. Detectives said they were not yet ready to release the names of the people involved, only that the incident began around 9 a.m. in a condo that was occupied by the 29-year-old man, his wife and their three children. ... -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"
participants (3)
-
David Howe -
Eric Cordian -
Tim May