[dm-crypt] avoid keyloggers: enter password with mouse? (virtual keyboard)

Arno Wagner arno at wagner.name
Wed Nov 30 15:46:47 CET 2011


On Wed, Nov 30, 2011 at 03:22:50PM +0100, Ma Begaj wrote:
> 2011/10/4 Heinz Diehl <htd at fancy-poultry.org>:
> > On 04.10.2011, Jan wrote:
> >
> >> You have a fully encrypted system on your USB stick like privatix
> >> (see http://www.mandalka.name/privatix/index.html.en ) and you are
> >> sitting in an internet cafe. There's a hardware keylogger installed
> >> on the PC you use. You lose your USB stick, maybe you even
> >> forget it in the internet cafe (this happens)!
> > [.....]
> >
> > Privacy on a machine outside of your control is a no-go.
> > There are by far more options to get access to your data if
> > somebody other than yourself has admin/root access to the machine
> > you're using. A simple script which does a copy of anything inserted
> > will do it. Or the admin himself logged in from another machine, and
> > many more...
> 
> 
> That is not true. Two-factor authorization solves this problem pretty easily.

It seems to until you look more closely. Current attacks
on online-banking demonstrate the attack. The only way around 
that is basically to delegate all interaction to a device
the attacker did not have access to. Everything else just 
increases attacker effort, but is still feasible.
 
> I am using barada on my machines for SSH and it is working pretty great.
> http://barada.sourceforge.net/

What has "working well" to do with "being secure"? Not a lot, I
would say. If the machine you do this on has been prepared
to hijack ssh-sessions, it can easily look over all your stuff
without you ever knowing and install a backdoor on the machine
you logged in to. This is a practical attack, even if it causes
some effort on the attacker's side. 

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

