[Nottingham] gpgpwd - keeping a commandline passwords list
Mike Cardwell
nlug at lists.grepular.com
Tue Jun 19 09:52:11 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 19/06/12 10:46, Jason Irwin wrote:
>> https://en.wikipedia.org/wiki/Deniable_encryption They can't
>> compel you to decrypt something that they can't prove exists.
> So long as: 1) you have no logs or other evidence on your system
> pointing to its existence; 2) the existence cannot be inferred from
> the total size of the file and the size actually decrypted; 3) the
> deniablity itself is secure
> https://en.wikipedia.org/wiki/Deniable_encryption#Detection; 4)
> your passphrase is strong enough to make a brute-force
> impractical; 5) they don't catch you with the hidden volume
> mounted.
Yes, that all falls under the caveat that they can't first prove that
it exists.
> Various rumours/news reports crop up from time-to-time about
> crypto being cracked. There's always caveats around how it was
> done, for example:
> http://www.theregister.co.uk/2012/02/03/apple_disc_crypto_broken/
Yes, the firewire DMA attack is well known. That's why I disable
firewire in the BIOS and prevent the kernel module from loading. It's
also one of the reasons that I make sure my FDE key stays out of
system RAM and hides in the CPU debug registers thanks to a helpful
Linux kernel patch named TRESOR.
> Did you miss Paul's talk on crypto? It was
> enlightening/interesting/terrifying/educational.
I did yes, it was shortly before I subscribed to this list.
- --
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
-----BEGIN PGP SIGNATURE-----
iQGGBAEBCgBwBQJP4EwjMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGlu
Z0BwZ3AuY29tcGdwbWltZTgUgAAAAAAVABpwa2EtYWRkcmVzc0BnbnVwZy5vcmdt
aWtlLmNhcmR3ZWxsQGdyZXB1bGFyLmNvbQAKCRCdJiMBwdHnBA6NB/9TukS1PjGZ
8byvYLAbt+x0diZpKf0pFmAuN1kz0jDOm9CGsNo0HTX3nz50H14GfKDs1I4sQiaO
bP2DbpnUl0ytO0FvrjHruDfgXHc4RteUIL+cwG6DvbZmua9mxvRWftwQaQZUIqlw
bcgPjaRuYPQO6b/BbkGpn0edjV+dGaM5x5iPkxwJajCH5B0/PKsk6gYjnpmG2k9E
pMzD8O13iJaRx822mtb6/ZWwx0mpIRhV5Vb7f0dTSI0vUDfen8Ux9zsK+7caix6J
TIGvvG/UP/jvt65xoAiN8DdBwBtRHPzkzvXp80tAG4v9YC9TSGWEZUWlL9VdKyrL
YLSRCeLeR2H6
=9MnK
-----END PGP SIGNATURE-----
More information about the Nottingham
mailing list