http://www.truecrypt.org is one I use, and it does an excellent job. This is the base filesystem I use on all of my portable media, as well as offsite home backups. Yeah, I used to have to wear a paranoid hat at work, and it leaked into my personal life :).
| [reply] |
Thanks, zentara. :)
I guess I've learned everything directly related to my question from make perl more forgetting. However, from that thread I also learned that the situation is far more complex than I first thought. (Isn't it always?)
Your 2 ideas would probably be helpful in dealing with some of the other factors... I'll investigate.
email: perl -e 'print reverse map { chr( ord($_)-1 ) } split //, "\x0bufo/hojsfufqAofc";'
| [reply] |
I'll investigateNot to beat it to death, more of a sales pitch.....Save your time, and go with the encrypted loopback filesystem. It is the solution adopted by the experts. The TrueCrypt mentioned earlier is nice, but you can easily roll-your own on linux, and some distros like SuSE, have the option to use encrypted filesystems at the install process. All you really need is a patched version of the losetup utility ( the utility used in "mount -o loop" ) that handles encryption. You can mount your enc partiton at boot, with the mount options in /etc/fstab, or you can mount them later after boot. With the enc filesystems, and even encrypted swap spaces, (you can change between different swap spaces any time), you can be sure your stuff is scrambled and not directly readable. At that point,
you need to worry about them watching your keyboard, or intercepting your keypress signals somehow. You can then run something like Tk Virtual Keyboard to hide your text and passwords from the leaky keyboard. It really all boils down to who are you trying to hide stuff from? Your wife, business competitors, thieves, Dept. of Homeland Security? :-) You know encrypted filesystems work, because there already have been numerous cases where people are under court orders to reveal the passwords to their encrypted filesystems. Investigators can get by root and bios passwords without any trouble and see your stuff, but all they see is jibberish when they look at the enc filesystem. Also you cannot be sure what is left on a non-encrypted filesystem, even after you force an erasure. Maybe it left something on swap? Maybe something was left
in the clear somewhere.....can you be sure? Only on an encrypted filesystem can you be sure and sleep good at night. You can also run the whole thing on a USB key, and keep it in your pocket, for a feeling of extra safeness.
| [reply] |
That Tk app is cool. ++. I'm inspired to learn Tk now.
I don't want to let you get away with speaking ex cathedra, so... which experts and where? :)
Probably should have mentioned earlier that I'm familiar with Linux (this is not to say your answer wasn't helpful). As far as I know, you can do better than using losetup's encryption facilities. According to this paper (PDF), CBC mode (used by - correct me if wrong - losetup) has a few known problems. Whether these are more than academic is likely dependent on whom you're trying to hide data from. :) In any case (as I perceive it), the state of the art with Linux disk encryption right now is LUKS and dm-crypt.
Nevertheless, I think you're right... encrypted loopback is the best solution. The "far more complex" situation means that
memset(sensitive_buf, 0, sizeof sensitive_buf);
... is not sufficient, because to assert it is would be assuming the code is running on some ethereal Turing machine in the sky. But it's not. You must also consider the broader environment this code runs in (namely, one which includes modern OSs with virtual memory systems), which means taking into account memory being swapped out, etc.
I think I have more of a handle on the problem now. Cheers. :)
email: perl -e 'print reverse map { chr( ord($_)-1 ) } split //, "\x0bufo/hojsfufqAofc";'
| [reply]
[d/l] |