[Gllug] Editors

home at alexhudson.com home at alexhudson.com
Sun Jul 29 00:07:12 UTC 2001


On Sun, Jul 29, 2001 at 12:38:54AM +0100, David Freeman wrote:
> Paranoia is a good thing IMHO.

Why? I don't see it makes any sense at all, actually ;)

> what I am typing. However this isn't the problem I am trying to solve, I
> only want the casual observer not to be able to find any plain text on the
> disk so doing a grep wont find anything.  Seeing as the VM is hard to grep
> I am not worrying about that.

Er, the vm is about as hard to grep as any other file. (I've just found this
file I'm editing for instance, because my laptop only has 24Mb ram and it's
easy to knock something into swap - grep /dev/discs/disc0/part5 works a
treat I'm afraid). In fact, since the memory is a file too (/dev/mem) you
can use the same tool on both. 

The only way you can do it is by encrypting the file on the disc (with a key
that is not on the computer - i.e., one you type in/have on disk/etc.),
encrypting the swap, and possibly taking a few other precautions.

It reminds me a bit of that guy who wrote the secure file delete command,
and then gave up development because he realised it was unpossible ;)

> Now this is going TOO far. See above.

You don't want to find the file in plain text anywhere. You can't guarantee
that unless you encrypt every instance of the data. Not going _that_ much
futher...

> True. I was just wondering as I am thinking of installing StegFS.

Hmm. Nice as a toy, I s'pose, but again, swap is the key. Plus, you need to
key in something every time you boot, which will quickly become annoying. I
like the author's comment: "Using Stegfs is [harder than] writing it in the
first place".

Face it: you don't need that level of security, and I don't see why you need
a steganographic system either. You need an encrypted file system, perhaps,
and an editor which removes its allocated memory from the swap system (I
know of no such editor currently - anyone else?) - but that's about it.
Stegfs is real overkill, and you're ignoring a lot of other problems.

Cheers,

Alex.

-- 

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list