[Gllug] Editors

David Freeman freemadi at yahoo.co.uk
Sun Jul 29 16:41:23 UTC 2001


 --- home at alexhudson.com wrote: > On Sun, Jul 29, 2001 at 12:38:54AM
+0100, David Freeman wrote:
> > Paranoia is a good thing IMHO.
> 
> Why? I don't see it makes any sense at all, actually ;)

Oh it does, a small amount of parania is healthy. I beleive Phil
Zimmerman has alot to say on the wide spread use of crytography. I am
paranoid mainly as I take my machine to a number of LUG meets where at
times it is left unattended. As such I would not like someone able to
gothrough my disk drive.

> > what I am typing. However this isn't the problem I am trying to
> solve, I
> > only want the casual observer not to be able to find any plain text
> on the
> > disk so doing a grep wont find anything.  Seeing as the VM is hard
> to grep
> > I am not worrying about that.
> 
> Er, the vm is about as hard to grep as any other file. (I've just
> found this
> file I'm editing for instance, because my laptop only has 24Mb ram
> and it's
> easy to knock something into swap - grep /dev/discs/disc0/part5 works
> a
> treat I'm afraid). In fact, since the memory is a file too (/dev/mem)
> you
> can use the same tool on both. 
> 
> The only way you can do it is by encrypting the file on the disc
> (with a key
> that is not on the computer - i.e., one you type in/have on
> disk/etc.),
> encrypting the swap, and possibly taking a few other precautions.
> 
> It reminds me a bit of that guy who wrote the secure file delete
> command,
> and then gave up development because he realised it was unpossible ;)
> 
> > Now this is going TOO far. See above.
> 
> You don't want to find the file in plain text anywhere. You can't
> guarantee
> that unless you encrypt every instance of the data. Not going _that_
> much
> futher...

Or limit the number of possible times that the plain text is stored.
Given enough memory it is possible for the data to not be stored in VM.
Can Swap space be turned on and off? Does anyone know how I can force
the kernel to not use VM for certain applications? (I have 384MB RAM)
 
> > True. I was just wondering as I am thinking of installing StegFS.
> 
> Hmm. Nice as a toy, I s'pose, but again, swap is the key. Plus, you
> need to
> key in something every time you boot, which will quickly become
> annoying. I
> like the author's comment: "Using Stegfs is [harder than] writing it
> in the
> first place".

I have to type a password everytime I boot. Having to type in my pass
phrase every time I boot is an acceptible price to pay. Security is not
a comprimise.
 
> Face it: you don't need that level of security, and I don't see why
> you need
> a steganographic system either. You need an encrypted file system,
> perhaps,
> and an editor which removes its allocated memory from the swap system
> (I
> know of no such editor currently - anyone else?) - but that's about
> it.
> Stegfs is real overkill, and you're ignoring a lot of other problems.

RIP act! That is why it is needed. The plausable deniabilty aspect of
the StegFS is the main selling point. Having an encrypted filesystem is
fine except that you must give the key or accept 2yrs in prison!

I will need to look at how the memory works. I am sure there must be a
way.

Thanks

D

PS any one know anything about tempest shielding :o)


> Cheers,
> 
> Alex.
> 
> -- 
> 
> -- 
> Gllug mailing list  -  Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug 

____________________________________________________________
Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list