The Cost Of Ubuntu Disk Encryption

  • #16
    Originally posted by a user View Post
    what are you talking about? since when does it matter writing long continuous 1s (or 0s)?
    ...
    maybe i understood you wrong.
    I might be wrong. Though I've used up my allowance of errors for this year :-)

    I was too lazy to find the citation, but since you challenged me...

    http://www.anandtech.com/show/6891/h...h-crucial-m500

    "Most modern SSDs come with some form of hardware encryption. On these drives with hardware encryption, it's usually permanently turned on - all data written to the NAND is typically stored in encrypted form. This stems from the fact that all writes to NAND had to be scrambled to begin with (writing long repeated strings of data to NAND can cause problems for data retention)."

    Phew, I'm right. As usual. :-D


    • #17
      If anyone is to encrypt their data, why not do it the way it's most secure and leaves the least open risks with reasonable effort?

      IMO, this excludes the proprietary mechanisms in place in practically all current SSDs that have some sort of built-in encryption functionality. Mostly because the built-in features are almost impossible to enable unless you've bought a corporate laptop or desktop that already has all the required components in it. Secondly, because government-controlled backdoors are not fantasy:

      http://news.bbc.co.uk/2/hi/uk_news/politics/4713018.stm

      Open-source encryption software can be easily reviewed for any such backdoors whereas closed-source firmware based solutions can hold nasty surprises in them.


      • #18
        Originally posted by ObiWan View Post
        OCZ Vertex 2 is a SandForce SSD, SandForce Chips are slower when data can't be compressed.

        So part of the performance hit is the SSD Controller, not the CPU
        I do agree encrypting in the OS onto an SSD is bad practice. It ain't ethical to target the controllers. There is a lot that goes into this & there could be some undisclosed SF compatibility issues with the hardware manufacturers


        • #19
          Originally posted by Luke View Post
          If you don't encrypt the OS, there are just too many places an attacker with physical access while you are out could drop a keylogger or a replaced binary, as physical access=root. Encryption is the only thing that can write protect a disk against an attacker booting from something else. When the OS is encrypted too, only the /boot partition can be usefully written to, in what is known as an "evil maid" attack. The /boot partition is a hell of a lot easier to hash check than a whole operating system, so long as you do not mount it after booting and before hash checking.
          If you use a program installed on /boot to hash check /boot you are no better off.

          You really need to keep /boot on a USB drive that you always keep with you and boot from that.

          Also, a keylogger could be installed into the BIOS or EFI firmware so you need Secure Boot and a TPM to prevent firmware modifications.

          And none of that protects against low tech but effective key logger attacks like putting something slightly sticky and UV glowy on the case so you get it on your fingers and then type on the keys. Then they've got your likely passphrase when they bust in and confiscate everything.

          You just can't be too paranoid! :-)


          • #20
            Countermeasures

            Originally posted by Zan Lynx View Post
            If you use a program installed on /boot to hash check /boot you are no better off.

            You really need to keep /boot on a USB drive that you always keep with you and boot from that.

            Also, a keylogger could be installed into the BIOS or EFI firmware so you need Secure Boot and a TPM to prevent firmware modifications.

            And none of that protects against low tech but effective key logger attacks like putting something slightly sticky and UV glowy on the case so you get it on your fingers and then type on the keys. Then they've got your likely passphrase when they bust in and confiscate everything.

            You just can't be too paranoid! :-)

            Well, you CAN be so paranoid you assume no defense is possible, so you use none and get on Facebook with Windows and hope the cops raid someone else. Short of that, you structure your setup to put as little trust in your hardware and the environment around it as is necessary to operate it. I've already had one encrypted machine taken in a raid beat attempts by the cops to get into it, I must be doing something right.

            Whenever there is a hardware you buy vs open source software choice to be made, go with the software every time. This reduces the number of possible hardware-based attack vectors and increases the odds that your opponent can't get in because the controller of that backdoor can't admit to having it. That last consideration does NOT apply to "Top Secret" but applies to all lower classifications of data.

            A TPM is hardware-and a lot more likely the NSA and "Trusted Computing Group" would admit to a backdoor in a TPM in a courtroom than that a motherboard maker would be willing to admit to keylogging all their customers so the FBI can get video of, say, protesters storming a fur shop.

            Since /boot is considered easily compromised, a hash check after booting with a program living on encrypted / makes the attack much more difficult, though not impossible. You detect the attack, you change the passphrase and re-image the OS. Anyone setting up a raid, BTW, will greatly fear the detection of this sort of preparation, as this means staging a raid where the attackers are expected.

            The flash drive approach is good, used it myself in some highly untrusted environments, but it does not protect against the "evil cook" BIOS reflash. Neither does my hash check, but to attack the BIOS requires one visit to determine the board in use, another to change the BIOS, then the harvest raid.

            Obviously the ROOM in which a machine is used is an attack vector, a camera is more reliable than glowing UV dust likely to get on every key. Public places, identify cameras and sit where they can't see the screen. Home and offices, "sweep" the areas from which the keyboard can be seen for cameras. Consider all "smartphones" etc to be malicious, don't let them watch you boot!

            One more thing: when they can't get into an encrypted machine, they might offer to give it back. That should ALWAYS be considered malicious, harboring at least a keylogging BIOS. Take it so they can't keep working on it, then SMASH it and throw it in the dumpster.
            Last edited by Luke; 05-22-2013, 12:32 AM.
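
The post-boot hash check of /boot described in the post above, sketched as an added example that is not part of the original thread or any poster's own tooling. The function names, the JSON manifest format and the file names in `demo()` are assumptions made for illustration; the demo tree is constructed.

```python
import hashlib
import json
import os
import tempfile

def snapshot(root):
    """Return {relative path: SHA-256 hex} for every file under root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if not os.path.isfile(path):
                continue  # skip broken symlinks and special files
            with open(path, "rb") as fh:
                digests[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return digests

def compare(baseline, current):
    """Report files added, removed or modified since the baseline."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in common if baseline[p] != current[p]),
    }

def check(boot_dir, manifest_path):
    """Compare boot_dir with the manifest kept on the encrypted root."""
    with open(manifest_path) as fh:
        return compare(json.load(fh), snapshot(boot_dir))

def demo():
    """Constructed stand-in for /boot: record a baseline, tamper, re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        boot, manifest = os.path.join(tmp, "boot"), os.path.join(tmp, "boot.json")
        os.mkdir(boot)
        for name in ("vmlinuz", "initrd.img", "grub.cfg"):
            with open(os.path.join(boot, name), "w") as fh:
                fh.write("original " + name)
        with open(manifest, "w") as fh:
            json.dump(snapshot(boot), fh)
        with open(os.path.join(boot, "initrd.img"), "a") as fh:
            fh.write(" tampered")
        os.rename(os.path.join(boot, "grub.cfg"), os.path.join(boot, "extra.mod"))
        return check(boot, manifest)

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

In real use the manifest is recorded once from a known-good state and stored, with the script, on the encrypted root, and /boot is mounted only for the check. As the posts note, this covers the files on /boot and not the BIOS or EFI firmware.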


            • #21
              Couldn't you hash-check the bios by reading it with flashrom?
