Announcement

Collapse
No announcement yet.

A Self-Destruct Option For Linux Disk Encryption

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • A Self-Destruct Option For Linux Disk Encryption

    Phoronix: A Self-Destruct Option For Linux Disk Encryption

    The security-minded Kali Linux distribution has proposed a feature of adding "emergency self-destruction of LUKS" to their cryptsetup package when doing full-disk encrypted Linux installations...

    http://www.phoronix.com/vr.php?view=MTU2MjQ

  • #2
    The attacker enters this password and all your data is gone. Poof.

    What a "nice" idea.

    I'm not against it, but this termination password should be configurable otherwise it's a recipe for disaster.

    Comment


    • #3
      Originally posted by birdie View Post
      The attacker enters this password and all your data is gone. Poof.

      What a "nice" idea.

      I'm not against it, but this termination password should be configurable otherwise it's a recipe for disaster.
      Why would I tell an attacker my nuke password. Just as I wouldn't tell him my main password. If you are giving away your main password, he can also delete your data...

      Comment


      • #4
        Originally posted by birdie View Post
        The attacker enters this password and all your data is gone. Poof.

        What a "nice" idea.

        I'm not against it, but this termination password should be configurable otherwise it's a recipe for disaster.
        What makes you think this password is not configurable?

        Comment


        • #5
          Originally posted by stikonas View Post
          Why would I tell an attacker my nuke password. Just as I wouldn't tell him my main password. If you are giving away your main password, he can also delete your data...
          http://xkcd.com/538/

          Though even in that situation it is likely they would have backups made, so nuking one copy doesn't help any.

          I am guessing the main use would be if you were tipped off that you were about to get raided and you wanted a quick way to destroy data before that could happen. Can't really see any other use for something like this, because if you don't have advanced notice you wouldn't likely have the time to reboot and pop in that password anyhow. If anyone can take you and your computer before you do that they have already gained the advantage.

          Comment


          • #6
            Originally posted by IanS View Post
            http://xkcd.com/538/

            Though even in that situation it is likely they would have backups made, so nuking one copy doesn't help any.

            I am guessing the main use would be if you were tipped off that you were about to get raided and you wanted a quick way to destroy data before that could happen. Can't really see any other use for something like this, because if you don't have advanced notice you wouldn't likely have the time to reboot and pop in that password anyhow. If anyone can take you and your computer before you do that they have already gained the advantage.
            This exactly.
            This is also the reason why truecrypts dev always refused to give the option of a "nuke" password.
            The only case there this helps is if the attacker does not have access to the hardware yet.
            So you have an already encrypted drive which will protect you if your hardware is taken and add a option to protect you if your hardware
            is not yet taken. Seems redundant to me.
            Maybe if this option would provably delete your access to the data but even then, they will just beat you thinking you might have a backup somewhere.

            Comment


            • #7
              This is an excellent idea to prevent the CIA/NSA/FBI triad from seeing your data at airports.

              Comment


              • #8
                Originally posted by IanS View Post
                http://xkcd.com/538/

                Though even in that situation it is likely they would have backups made, so nuking one copy doesn't help any.

                I am guessing the main use would be if you were tipped off that you were about to get raided and you wanted a quick way to destroy data before that could happen. Can't really see any other use for something like this, because if you don't have advanced notice you wouldn't likely have the time to reboot and pop in that password anyhow. If anyone can take you and your computer before you do that they have already gained the advantage.
                Depends on the situation, there was one story on /. about a guy being forced to give up the encryption key to his laptop. Give up the nuke password then say that they must've damaged the hard drive in transit, or that the drive must be suffering from corruption. Or have the nuke password be something one letter off from the real password (like a strange letter, z instead of s maybe) then when they enter it and blame you just say they heard you incorrectly.

                Really depends on if maybe you're a reporter and the data on your drive could get someone else killed or start a war or something extreme like that

                Comment


                • #9
                  Originally posted by birdie View Post
                  The attacker enters this password and all your data is gone. Poof.

                  What a "nice" idea.

                  I'm not against it, but this termination password should be configurable otherwise it's a recipe for disaster.
                  What makes you think it wouldn't be configurable..? Like its so blatantly common sense that just saying that it might not be makes you come off.... lacking of common sense o.O

                  Comment


                  • #10
                    Originally posted by wargames View Post
                    This is an excellent idea to prevent the CIA/NSA/FBI triad from seeing your data at airports.
                    Seriously? I feel that's the most stupid use you could find for it. Destroying all of your data just so it they don't see it, except if you really have something important to hide (like Ericg's example, I mean), is not what I'd call a solution.

                    Originally posted by Ericg View Post
                    Or have the nuke password be something one letter off from the real password (like a strange letter, z instead of s maybe) then when they enter it and blame you just say they heard you incorrectly.
                    And that's how you accidentally blow all of your data.

                    Comment

                    Working...
                    X