cop-proof disk drives

Bill Stewart bill.stewart at pobox.com
Sat Apr 24 10:33:11 PDT 2004


That's really overkill.  Computers these days have enough
horsepower to run file system encryption in the CPU.
(If you remember 5-10 years ago, computers in those days
had enough horsepower to run disk compression in the CPU,
and CPU speed has increased a lot faster than disk throughput since then.)
Build the system with an inactivity timeout for /home if you want.
Swap space has the advantage that it doesn't need to preserve
state across system reboots, so you can run an encrypted swap
partition that generates a random key at boot time.

If you want to get fancy about rubber-hose prevention
and avoid the except-for-terrorism clause in the 5th amendment,
you could do something with secret-sharing with your
unindicted co-conspirators (oh, wait, they don't bother with
indictments these days, do they?) so that all of you
need to cooperate in a challenge-response thing
to restart some of the services.

Or you could hide that little 802.11 widget on the shelf
that stores one of the keyfiles you need to
access the secure drive.  Once UWB's widely available,
it'll be better for that (lower power - harder to detect.)

Just make sure that your system _is_ restartable after
power failures, because those are a much more likely event
than cop invasions. 
More information about the cypherpunks-legacy mailing list