
Re: Not a bug but features



At 8:41 PM -0500 5/24/01, Jeff Schroeder wrote:
I am a hardcore OBSD user and server admin (http://www.sentry.net) but I feel
that OBSD lacks some major security features that I would like to see
incorporated in any newer versions.

OBSD lacks:
Encrypted file systems

Okay, I've been following the threads about encrypted file systems and I just frankly don't get it.


What is the point of having an encrypted file system?
The way Dr Evil was talking about it, you boot the machine and supply the password, now the system is accessible.
Is the idea here that all the decryption is being done on the fly?
So that the only unencrypted copy of the file is in RAM and SWAP?
As a user, do I have to supply a password each time I access a file? Doesn't sound like that was what he had in mind to me.


Why is this good? If someone is going to steal the box they're going to steal the box.
If you have sensitive data, why encrypt the entire machine with a single passkey? After all, I just stole your box so now I'm going to spend twelve hours hacking the encryption with my Deathstation 2000.
I'll break it for sure, nothing is unbreakable, and then you are no further ahead. And have only gained 12 hours' grace.


Why not let, or require, each user to encrypt their sensitive files, each one individually, with their own key?

Now I have to spend twelve hours per file with my Deathstation 2000.
Better yet, put a lock and a security system on the server you want protected and then I can't steal it, or at least it would make it very difficult.


Heck, you could write a simple utility that encrypts files as they are checked into the cvs repository and then decrypts them on the way out. Every logout causes all checked out files to be committed and released and deleted. This should be almost trivial to do.

Combine that with some common sense privileges and access restrictions and you are well on your way to making a safe play environment.

If it is internal security that you are worried about, then you need to take a course in social engineering. You simply cannot stop people from /trying/ to steal from you. Anything you give them access to will be vulnerable, period. You have to understand the level of trust you can place in people and then give them 1/2 that access.

For example, did you know that stealing diamonds from a diamond is actually not punished? Far from it. They actually very carefully check the workers for diamonds, and then they reward them if they find any.

Physical security is your friend, not your enemy.
You don't see the military putting sensitive information on computers that just anybody can walk up to!


So, really, why do we want an encrypted file system and how would it work, from the user perspective?
--
Later . . . 'liam


allenwc_(_at_)_home_(_dot_)_com
William C Allen, BLS, EET

"It may be that your sole purpose in life is to serve as a warning to others"
At least I /have/ a purpose!