Re: Not a bug but features
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Not a bug but features
- From: liam <allenwc_(_at_)_home_(_dot_)_com>
- Date: Thu, 24 May 2001 20:48:55 -0700
At 8:41 PM -0500 5/24/01, Jeff Schroeder wrote:
> I am a hardcore OBSD user and server admin (http://www.sentry.net) but I feel
> that OBSD lacks some major security features that I would like to see
> incorporated in any newer versions.
> OBSD lacks:
> Encrypted file systems
Okay, I've been following the threads about encrypted file systems
and I just frankly don't get it.
What is the point of having an encrypted file system?
The way Dr Evil was talking about it, you boot the machine and supply
the password, now the system is accessible.
Is the idea here that all the decryption is being done on the fly?
So that the only unencrypted copy of the file is in RAM and SWAP?
As a user, do I have to supply a password each time I access a file?
Doesn't sound like that was what he had in mind to me.
Why is this good? If someone is going to steal the box they're going
to steal the box.
If you have sensitive data, why encrypt the entire machine with a
single passkey? After all, I just stole your box so now I'm going to
spend twelve hours hacking the encryption with my deathstation 2000.
I'll break it for sure, nothing is unbreakable, and then you are no
further ahead. And have only gained 12 hours grace.
Why not let, or require, each user to encrypt their sensitive files,
each one individually, with their own key?
Now I have to spend twelve hours per file with my Deathstation 2000.
Better yet, put a lock and a security system on the server you want
protected and then I can't steal it, or at least it would make it
very difficult.
Heck, you could write a simple utility that encrypts files as they
are checked into the cvs repository and then decrypts them on the way
out. Every logout causes all checked out files to be committed and
released and deleted. This should be almost trivial to do.
Combine that with some common sense privileges and access
restrictions and you are well on your way to making a safe play
environment.
If it is internal security that you are worried about, then you need
to take a course in social engineering. You simply cannot stop people
from /trying/ to steal from you. Anything you give them access to
will be vulnerable, period. You have to understand the level of trust
you can place in people and then give them 1/2 that access.
For example, did you know that stealing diamonds from a diamond mine is
actually not punished? Far from it. They actually very carefully
check the workers for diamonds, and then they reward them if they
find any.
Physical security is your friend, not your enemy.
You don't see the military putting sensitive information on computers
that just anybody can walk up to!
So, really, why do we want an encrypted file system and how would it
work, from the user perspective?
--
Later . . . 'liam
allenwc_(_at_)_home_(_dot_)_com
William C Allen, BLS, EET
"It may be that your sole purpose in life is to serve as a warning to others"
At least I /have/ a purpose!