[dm-crypt] LUKS self-destruct key

Andrew list2010 at lunch.za.net
Mon Mar 31 22:17:52 CEST 2014


On Mon, 31 Mar 2014 15:06:12 +0200
Arno Wagner <arno at wagner.name> wrote:

> Ok, I will repeat some of the same old things that apparently 
> have to be said time and again when somebody has this 
> not-so-bright idea.
Not really ok.  You were already very vocal in the thread which someone else had the courtesy to point out.  As you state, you have said these same old things already, generally without actually engaging the actual argument.  Although your point is interesting, it is the answer to a different question.  While you are apparently at liberty to repeat yourself time and again, this does not lend force to your statements.  

In the absence of bright ideas, not-so-bright simple stupid and practical hacks really do carry the day.

> On Mon, Mar 31, 2014 at 14:19:29 CEST, Andrew wrote:
> [...]
> > I read the thread -- interesting reading (Gmane seems a little off
> > for me at the moment though.)
> > 
> > A few points that were not raised directly by anyone are:
> > 
> >  * Some of the worst attackers *do* lack technical skills.  While
> > various interest groups do have technical experts, less skilled
> > persons may try their hand first, and succeed in destroying the
> > evidence.  Terrorism has lately tended towards a cell structure.  A
> > particular cell may not have access to adequate technical
> > resources, while not lacking "skills" like kidnapping, robbery and
> > torture of those they target.
> 
> Even the dumbest attackers have seen the movies where the magic
> computer destroys all data when the wrong password is entered.
This is not true.
> 
> And when you come to any writing about computer forensics,
> the first rule is always to never work on originals. 
This is not relevant.
>  
> >  * An attacker may guess the wipe/kill/nuke/erase password without
> > any intervention by the user (at last - a use for post-it notes!)
> > Users' passwords may well be inadequate, despite all advice to the
> > contrary. Having an even-more-inadequate nuke/self-destruct/erase
> > password may frustrate an attacker.
> 
> See above.
Don't see.
> 
> >  * If it is possible for the key to be destroyed without the user's
> >    intervention, then it becomes plausible that there is nothing to
> > be gained by asking for a password.  (e.g.  LEO removes device from
> > user, and upon return, the user's provided key does not work,
> > because LEO has tested some password; user complains that LEO has
> > destroyed the data.)
> 
> See above and add to it that you may have trouble for "destroying 
> evidence" by an "electronic booby-trap". 
Still don't see, and what if this trouble is 
>  
> >  * A self-destruct feature is not unique, and exists in other modern
> >    devices: e.g.  the iPhone's self-destruct on failed lock
> 
> These are not reliable and well-known to law-enforcement.
> 
> >  * Users have a free choice whether to create a
> > self-destruct/nuke/erase key or not.  Choice is important.
> 
> Experts have a duty not to give dangerous tools to amateurs. 
> Amateurs are likely to shoot themselves in the foot. Often
> repeatedly. This is not a technological problem, hence a 
> responsible expert will not implement technological "snake oil"
> that may look like a "solution" to an ordinary user but is not.
>  
> >  * Law enforcement may demand all passwords.  It would be an
> > omission to fail to provide them with passwords for the good and
> > the bad key slots ;) (rather cheeky, but it's a choice)
> 
> See above. 
Still don't see.
> 
> > 
> > > Please also note that Kali Linux already implemented the nuke
> > > feature into their distribution:
> > > http://www.kali.org/how-to/emergency-self-destruction-luks-kali/
> > > http://www.kali.org/how-to/nuke-kali-linux-luks/
> > I like!  I'll look out for the patch for my favourite distribution.
> 
> Have fun. But be aware that you do not get what you think you get.
> And please complain to them when you get out of prison, not to us.
I'll be dead, not complaining, so don't worry.
> 
> Arno
> -- 
> Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email:
> arno at wagner.name GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF
> B774 E35C 5FA1 CB5D 9718 ----
> A good decision is based on knowledge and not on numbers. -  Plato


-- 
Click here to receive this message as an unsolicited e-mail

