[Freedombox-discuss] Debian FreedomBox = Existing Debian \packages on plug hardware

John Gilmore gnu at toad.com
Fri Mar 4 03:32:51 PST 2011

> In may require a warrant, but following severe breakdown of civil
> administration caused by either unrest or natural disaster, the rules may
> not be followed to the letter.
> I think it's desirable - across the spectrum of proposals for
> user-controlled network devices generally, not just Debian Freedomboxen - to
> store as much state as possible on very small removable media - i.e.
> micro-SD cards or similar - so that in the event of a raid by people likely
> to wish to silence your node, all that has to be concealed is a 15mm x 11mm
> card, which could be swallowed or easily concealed in any number of places.
> After the event the card could be inserted into another suitable device and
> the node would be back up and running with the same state it had previously.

I agree that having tiny portable storage devices would be very
useful for concealment and smuggling.  But...

There are severe technical problems to be solved to make flash-based
devices such as SD or microSD cards usable for information that you
want to keep private from "the authorities".  Due to flash's inability
to overwrite data in place, flash-based memories make multiple copies
of your data, don't keep track of the extra copies, and don't rapidly
or securely erase them.  Many provide no interface that merely asks
the entire device to erase itself into a clean, secure state.

Once you've written an incriminating file, or a crypto key, onto a
flash-based device, you can never be sure whether physically seizing
the device, ripping it open and probing the flash chips will produce
a copy of that file or key -- or not.  The only ways to be sure are
to (1) rip it apart yourself and look -- oops, the drive is now dead;
or (2) physically grind it into sand.  See:


Rotating magnetic disk drives have SOLVED this problem; they provide
Secure Erase commands that erase the drive such that not even experts
can extract the former contents (hdparm --security-erase-extended).
They are also quite good at securely erasing single files without
destroying the rest of the data and without physically destroying the
drive (GNU Shred).  Until the Flash hardware community provides
similar facilities, I recommend that the Freedom Box project fully
support magnetic disk drives for those who choose them.  Activists'
lives depend on getting this right.


Freedombox-discuss mailing list
Freedombox-discuss at lists.alioth.debian.org

----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list