Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Back to the OP: Re: Server/laptop full-disk encryption

Discussion on this topic has veered from the technical -- what's the state of
open-source or low-cost key-server and encryption software today -- to the
tactical: why bother?

I'll address the why-bother: I live in the heart of the tech capital of the
world, San Francisco.  The city is seeing a surge in property crimes, and a
crook not only grabbed a laptop right out of the bedroom but if he'd chosen to
do so, could have gotten one or more of the servers which contain a lifetime
of private data. The use-case is pretty trivial to describe: if a server is
lost to a future theft, I'd lose sleep over the what-if scenarios of crooks
who have enough savvy to fence stolen hard-drives to organized extortion rings
or others who are able to exploit stolen data.

That's a far-fetched scenario, perhaps, in a far-flung suburb of Boston but
I'm not crazy to defend against it here in SF.

I will repeat the acceptance-criteria that I raised in my OP:

(a) the keys are convenient, readily accessible at every reboot
(b) the keys can't readily fall into the wrong hands
(c) infrequently-accessed filesystems aren't accessible except when needed
(d) generated keys and pass-phrases have sufficient entropy
(e) the keys and pass-phrases can survive *me* (e.g. by somehow keeping an
up-to-date version in a bank safe-deposit box in case I get hit by the
proverbial bus)

My model for this is the commercial key-storage systems (and/or HSMs) sold by
companies like SafeNet and Vormetric.

Running through the installation procedure for Debian/Ubuntu would, of course,
encrypt the root filesystems but that's not my question:  I know /how/ to run
cryptsetup on filesystems of my existing already-installed servers.  But I
want to address the issues above which aren't addressed by merely typing a
pass-phrase into an installation script, hoping for the best, and avoiding
getting hit by a bus or forgetting the pass-phrase (which by the way I do all
the time: I am forever hitting the forgot-password links at the myriad
websites which require PW auth).

Security is really much harder than you think. My employer pays huge bucks for
me to think about this on the job, and I can't help but to think about it for
my personal data as well.


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /