[sf-lug] Full Disk Encryption options?
rick at linuxmafia.com
Mon Mar 24 13:31:13 PDT 2008
Quoting Erich Newell (erich.newell at gmail.com):
> Are you referring to my solution? I should hope not. Its about as simple as
> it gets.
Anyone who refers to whole-disk encryption as a simple solution has a
> 1. Encrypt entire drive except boot disk and crypto keys (needed for using
> said encrypted device)
> 2. Keep crypto keys and boot disk on your person at all times.
So, when the bad guys install the obvious and now-traditional hardware
keylogger, they'll be really amused, right? Maybe they'll leave you a
tip for comedy services.
> I'm all in favor of keeping my laptop on my person always...which I nearly
> always do. But its somewhat impractical to do all the time.
Security is always inconvenient, to some degree. That's inherent.
As I said, it's a matter of knowing whom you're dealing with, and
knowing your threat models. And deciding which ones you're willing to
worry about, and to what degree.
Certainly, if you're worried enough about the bad guys' physical access
to consider the immense imposition on one's computing entailed with
whole disk encryption, and the terrible toll on performance, you have
cause to worry about insertion of a cheap, commonly available hardware
gadget to spy on your machine's runtime operation.
At $FIRM, if I didn't want my laptop with me, say, over lunch, I found a
place to physically lock it up. Since I lived on Harrison near 3rd/4th
at the time, and $FIRM was not too far away in SOMA, that often meant
just bicycling home for a moment -- or locking it up in a friend's car.
> In counter point: what do you do when someone breaks into your house / car /
> office / hotel room and steals your HD or PC?
Call the cops and dust for fingerprints, for starters. What do you
_think_ I'd do? (You appear to be attributing to me an assertion that
my data cannot be stolen. The critique would be valid, if only I had
made such a claim. Alas....)
> I'm afraid multi-layered does not equal "over engineered".
I did not claim it did. What I said was: Your solution does not
competently address the described threat model.
Obviously, you are not going to be convinced, but you appear to have a
perspective problem and are over-enamoured of complex software solutions
to problems that fundamentally cannot be addressed using software.
Which makes you about typical for a computer geek, really.
More information about the sf-lug