On Jun 2, 2014, at 16:40, "J. Roeleveld" <joost@××××××××.org> wrote:

> On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
>> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <neil@××××××××××.uk> wrote:
>>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
>>>> The second option does sound what I am looking for. Basically, if I log
>>>> out but leave my computer on, leave home, some crook/NSA type breaks in
>>>> and tries to access something or steals my whole puter, they would just
>>>> get garbage for data. That seems to fit the second option best.
>>>
>>> If they steal your computer they will have to power it off, unless you
>>> are kind enough to leave them a large enough UPS to steal along with it,
>>> so any encryption will be equally effective.
>>
>> If you're worried about casual thieves then just about any kind of
>> properly-implemented encryption will stop them.
>>
>> If you're worried about a government official specifically tasked with
>> retrieving your computer, my understanding is that it is SOP these
>> days to retrieve your computer without powering it off for just this
>> reason. They won't use your UPS to do it. Typically they remove the
>> plug just far enough to expose the prongs, slide in a connector that
>> connects it to a UPS, and then they pull it out the rest of the way
>> now powered by the UPS.
>>
>> See something like:
>> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
>
> Hmm... Those are nice, but can be easily built yourself with an off-the-shelf
> UPS.
>
>> Presumably somebody who is determined will also have the means to
>> retrieve the contents of RAM once they seize your computer. Besides
>> directly accessing the memory bus I think most motherboards are not
>> designed to be secure against attacks from PCI/firewire/etc.
>
> Hmm... add something to auto-shutdown the computer when a hotplug event occurs
> on any of the internal ports and remove support for unused ports from the
> kernel.
>
> I wonder how they'd keep a computer from initiating a shutdown procedure or
> causing a kernel panic when it loses (wireless) connection to another device
> that is unlikely to be moved when powered up?

Well, I have a switch in the door of the server room. It opens when you open the door. That signals the kernel to wipe all the encryption keys from kernel memory. Without the keys there is no access to the disks. After that another kernel is executed which wipes the memory of the old kernel. If you just pull the plug, memory will stay in its state for an unspecified time.

Swap uses random keys.

Network switches and routers get power only after firewall-server is up and running.

There is no easy way to enter the room without wiping the encryption keys. Booting up the server requires that a boot disk is brought to the computer to decrypt the boot drive. Grub2 can do this easily. This is to prevent someone from tampering with a boot loader.

System is not protected against hardware tampering. The server room is an RF-cage.

I consider this setup quite secure.

--
-Matti
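
The sequence described in the message above (wipe the disk keys from kernel memory, then execute another kernel), as an added example that is not part of the original message and not the poster's own setup. It assumes the volumes are dm-crypt mappings, that a wiping kernel was staged beforehand with `kexec -l`, and that the door switch is wired to invoke the script; the mapping names and sample `dmsetup` output are constructed.

```shell
#!/bin/sh
# Added example (not the poster's code): tamper-response sketch.
# Assumptions: volumes are dm-crypt mappings; a wipe kernel was staged
# earlier with `kexec -l`; this script and its tools sit on a tmpfs so
# they still run once the encrypted volumes are suspended.
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the plan only, 0 = execute it

# Constructed sample of `dmsetup ls --target crypt` output.
SAMPLE_DMSETUP='cryptroot (253:0)
cryptswap (253:1)'

# Print the mapping name from each line of `dmsetup ls --target crypt`.
crypt_mappings() {
    while read -r name _rest; do
        # Skip blank lines and the "No devices found" message.
        case "$name" in ''|No) continue ;; esac
        printf '%s\n' "$name"
    done
}

# Execute a command, or only print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# $1: output of `dmsetup ls --target crypt`
tamper_response() {
    printf '%s\n' "$1" | crypt_mappings | while read -r map; do
        # Block I/O on the mapping, then have dm-crypt wipe its key.
        run dmsetup suspend "$map"
        run dmsetup message "$map" 0 key wipe
    done
    # Jump to the staged kernel (per the message, the one that wipes
    # the old kernel's memory).
    run kexec -e
}

# Door-switch hook (hypothetical wiring) would call, with DRY_RUN=0:
#   tamper_response "$(dmsetup ls --target crypt)"
```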