Domain: kerneli.org
Stories and comments across the archive that link to kerneli.org.
Comments · 44
-
Online protests are fine . . .
. . . as long as you open up again afterwards. Otherwise you just make yourself irrelevant.
-
Re: trolling for "evidence"
Just one of the many reasons I decided to encrypt my entire filesystem.
-
And for those on linux..
If you don't already know about this, and your eyes are glittering with the prospect of encrypted home directories.. there is a way to do this in linux also. It's called the cryptoloop. This is a kernel loop extension that uses the CryptoAPI encryption options to create an encrypted loop of a mount for your system. Although I don't think there is anything to make it as automagic as they probably have set up in OSX, this is something that's out there for those of us that are ultra paranoid. You can visit the CryptoAPI site here where you can get everything you need, or look into the new 2.6 test kernels that have cryptoloop and the CryptoAPI options as a standard feature.
-
Re:Tutorial.
Because Linux offers an even greater bang/buck than OS X. It offers better java performance, finer-grained security through such items as the grsecurity packages, and increased data protection through the kernel encryption packages. Yeah, as a desktop OS, OS X is okay looking, but on a server, Linux just blows it away.
-
Re:Oh, come on. What are YOU talking about!?
How the hell is this insightful!? It's FUD!
Windows XP has USB 2.0
Wow, what an innovation... they have drivers for USB 2.0 devices. Wow... So do we.
it has low-latency audio
Let's see, does Linux...? Yep, we got that too.
it can play DVDs
Wow, do you think other platforms could do that? Yes, I think so.
it has translucent windows
Well actually, it doesn't. However, these guys have had it for a while and these guys are pretty close.
built-in NAT
Linux has had this since version 2.0. It worked great even back in 1999.
drag-and-drop CD recording
Okay, I'll concede on this point, but I'll definitely mention you could find this here before Microsoft ever had a clue. As for XP drag and drop CD recording... it still doesn't work right.
an MPEG-4 media player
Once again, I reference these guys again. What's so impressive about that? Microsoft aren't even the people who introduced it.
it has an encrypted, compressed file system
Well, let's see here... yes, we definitely have that too. As a matter of fact, I've been using encrypted file systems in Linux for years. As far as I recall, I was doing that before Windows was. No wait, Windows still doesn't offer encryption beneath the file system. Weak.
they have fine-grained access controls
Only very recently. Linux has enjoyed ACL from here and here as well.
they have a common language runtime
Funny thing is it was implemented by the open source community faster than Microsoft did.
They are pushing and developing modern programming languages so that we aren't all stuck programming in C.
A language is a tool. Some languages are good for some tasks, some are better for others. For example, you couldn't quite write an operating system in Lisp like you could with C. To make this point shows how much of a fool you are. By the way, GCC compiles languages other than C too.
Some of this technology sucks, and most of it they didn't invent, but they are pushing new technology.
Yes, most of it does suck but none of it is new. Microsoft only pushes regurgitations of what the rest of the industry has had (often for years).
(I also know that most of this stuff is available on linux, but it's also kind of a pain in the ass.)
I don't see any problems. None of what you mentioned was hard to find nor is any of it any harder to use than in Windows. For example, I play a DVD by loading my DVD player and press the button with the little triangle on it (play).
Your "points" fall down to absolutely nothing. Microsoft offers no advantages, just disadvantages over open source technologies.
You sir are a major corporate whore, completely deceived, clueless, not too bright, and giving free marketing hype to a multibillion dollar company. How does that make you feel?
-
Re:Apple is a system
Seriously, name one server task you can perform with Linux which you can't with OS X
Encrypted swapfiles. Interface natively with SGI and IBM disks. Seamless clustering through technologies such as OpenMosix. Run on more than one fairly narrowly defined platform. Need any more?
-
Re:DMG images work great
-
Doing it legally
You could always just pretend to be sharing legal stuff which is a lot easier:
- Add cryptoAPI and cryptoloop to your kernel
- Encrypt your ridiculously large amount of disk space
- Put whatever you like on it
When law enforcement rears its ugly head to pick up your gear for evidence (and it will - always remember that):
- Accidentally cut power
- Claim amnesia
- Claim innocence
-
Re:How to overwrite free space in unix?
e) disable swap space (if one of the programs you're using ends up being written to the swap...). The last is unavoidable with all encryption systems I've heard of. The only resolution would be to have an encrypted swap space, but that means an encryptor that preallocates space for the encryption process when one is out of physical memory.
There are two feasible ways to do this (that I can think of at 3 in the morning):
A: Use a swapfile on an encrypted partition. This will be slow, of course. Very slow.
B: losetup -e (cypher) /dev/loop0 /dev/hda3 (where /dev/hda3 is your swap partition.) Then mkswap /dev/loop0, swapon /dev/loop0. You will want to use the international kernel patch as the standard losetup & kernel only does XOR or DES. I think the blowfish cypher would be ideal for this, it's fast and secure.
-
There's more to cryptoAPI than IPsec/VPN
The cryptoAPI is the real kicker here folks.
Once cryptoAPI is in the kernel, /dev/random will no longer use its own crypto libraries (SHA-1). IPSec will not use its own crypto (well, freeswan will because they feel there's value there).
CryptoAPI will also permit people to have encrypted filesystems, swap partitions, even BOOT partitions.
Present applications include: eliminate duplicated code, harmonize/facilitate crypto in the kernel, encrypted file systems, swap partitions, cdroms, etc., "turnkey" ipsec
Later applications include: load-time code-signing (that is all binaries and .so's can have their digital signature verified before execution), and other magic stuff.
JLC
-
Re:What about...
This is our attempt at "helping" this. OSS isn't in the business of being the "thought police" (aka. intellectual property control)
Funny how country codes AF, IQ and KP don't have laws forbidding export/use of crypto.
I am the horse and I have a mouth. -
Re:Your secret is out!
-
Re:don't use NFS
But what is stopping someone from unplugging the workstation, plugging in a linux laptop with the IP of the legitimate workstation and mount the share, "su - user", and voila, you now have all the user's files.
I'll agree that NFS has its problems. But if you can't control physical access to your network then YOU have some problems. And as for intermezzo, does it work on non-linux? Didn't think so. How about Coda? Not really ready for the real world, I'm afraid.
As for the no crypto "on the linux" as you say, if you had been paying attention (or even using Linux), you would have known that crypto laws have made it impossible to put crypto into the kernel by default. There are crypto patches readily available, not to mention other crypto packages.
I hate NFS just as much as the next guy. But let's face it: it just works, and is actually ideal for a home network. And until something better comes along, it will be the de facto standard.
-
Re:Time to start writing nuke programs.
If my computer were taken by anyone I would want it to contain no information whatsoever, preferably having the people who took it have no access to the box what-so-ever. encrypted fs, encrypted bios, requiring one of those nice USB keychains to use as key to turn the thing on, why aren't there features like that in most bioses?
BIOS protection is mostly useless. Nobody will try to actually boot your computer. They'll just take the hard disk, make a copy on some read-only media (read-only, so they can "proof" they didn't change any data), and give back the computer.
Encrypted file systems are a nice idea, and you can get a patch for Linux here. Unfortunately, they can't go in the official kernel, because of the encryption laws in many countries. Also, I don't know of any distribution that supports this out of the box.
Autodestruction scripts are easy. Just install a procmail recipe that watches for a certain subject and then executes "cat /dev/urandom > /dev/hda". Pretty effective. An alternative is a CGI script (make sure Google doesn't index it :).
And those keychains are pretty handy to store your PGP private key on (and a lot more reliable than diskettes!)
-
Great Example !
Now, if anyone ever asks the stupid question about why software patents are bad, this is one hell of an example.
Think about it, a lot of people have been working on THIS since 1998 only to have someone come to them 4 years later and tell them that they can't continue since it's now a patented idea.
-
The International Kernel Patch
I'm running a mix between the international kernel patch www.kernel.org/pub/linux/kernel/crypto, (actually http://www.kerneli.org but it hasn't been alive for some time now) and crypto api (which is a branch from kerneli.)
Something needs to be done about the block size problem - the solution from cryptoapi doesn't seem "the right way" ;-)
The best things about kerneli are the possibility to choose between different encryption algorithms and that it's not filesystem dependent. Though I miss the opportunity to use the encryption algorithms in userspace programs. (Same thing about the digest algorithms, do they have any function except for enlarging the kernel size?)
I'm currently testing a pam module that mounts kerneli encrypted home directories, release scheduled a few weeks into the future.
-
What I Want To Know Is...
When will the cryptography patches be updated?! I'm still stuck on 2.4.5pre1 for this reason!
-
international (crypto) kernel problems
Has anyone else had this problem?
I use the patch from kerneli.org, and yes, I applied a patch meant for 2.4.3 to 2.4.5, it works great. I have a loopback aes-encrypted filesystem used to store important things, but after patching 2.4.6, compiling, and booting, I can't mount the encrypted filesystem! It tells me the cipher doesn't exist in the kernel, even after I manually insert the module.
Anyone from kerneli.org here? Answer me this: why aren't you as obsessed with the latest releases as I am? 2.4.3 is obsolete! ;)
--
-
Re:Wht aren't kernels now pre-patched with crypto?
www.kerneli.org!!!!
-
Just the kernel...
People have been asking why the NSA would do such a thing and isn't it counter-productive? After all, isn't their objective to get at all the data when they need to?
The cost savings over their current use of "Trusted" OSes has already been mentioned. It probably adds up.
But you are forgetting one thing. Most of the reported vulnerabilities are not in the kernel! They are in associated apps and misconfigured services!
Yes, I know what MACs are and that properly configured they would go a long way towards securing a system.
Guess what? Most people can't properly configure a system now much less understand and properly setup a MAC-based one!
Look at the Top 10 vulnerabilities on the net today and you will see most of them have had fixes/patches for a long time -- they just haven't been applied!
THIS ISN'T GOING TO CHANGE WITH SE LINUX! If you know what you are doing you can properly configure a pretty damn secure Linux/BSD system -- especially a non-server -- with minimal effort. Combine IPChains/IPTables with Tripwire, Snort, NMAP (to double-check) and don't run any services that aren't absolutely necessary and ANYONE, including the NSA, is going to have a damn hard time getting in to your system.
If you really want to be paranoid -- use different passwords for local-access items (like logging in) and remote-access items (like POP3 e-mail -- which can be easily sniffed); install the International crypto patch on your kernel and setup a loopback device to encrypt all your file systems. (BTW: the 2.4.3 Int'l patch is out.)
Professional involvement by the world's largest employer of mathematicians and cryptographers is a good thing.
--
Charles E. Hill
-
Encrypt the key
The only way to securely store the key on your computer is probably to encrypt it. Unfortunately that's about as flexible as storing it on some removable media.
So I suggest making a loopback encrypted filesystem, placing the key on it and only mounting it when you need the key. It would be nice though if a password dialog would pop up automatically when the key is needed by some program (say when evolution needs it for gpg).
-
The smart user uses encryption.
The difficulty of erasing data from a hard drive is a very good reason for using encryption to store your data. By simply storing all your data in encrypted form, removal of the key to your encrypted data will erase all of it. For instance you can keep your key on a floppy disk or by remembering your key (although most keylengths you can remember seem to be crackable these days). In the floppy disk case, you simply destroy your floppy and the data on your hard drive is gone forever.
Look at www.kerneli.org for information about how you can encrypt your hard drive on Linux. Other tools exist too.
-
Re:Encrypted filesystem?
There are a couple things.
Check kerneli.org for some more info, as well as encryptionhowto.sourceforge.net
-
Re:Unusable, no crypto yet!
If crypto is your fetish then check out International Kernel or go install *BSD with the crypto libraries.
-
Keep Your Laptop in a Safe, install tripwire
Well here's some security tips for you.
Research what laptop will run Linux real well.
Get some cash together and drive to a distant city and buy a laptop right off the store shelves. There won't be a chance for anyone to plant a bug in it.
Wipe the hard drive and install Linux on it. Install the Linux encrypting kernel and keep all your real files on an encrypted volume.
Install Tripwire on the machine - it verifies the integrity of important files to be sure they aren't patched.
Learn how to administrate your machine effectively. Always log in as a non-privileged user and never become root unless you really need to.
Learn about security and tighten down your machine. If you care about security on your laptop you're not going to be running a webserver but I bet a lot of you are running both Apache and SAMBA on a standalone user machine without even knowing it. The more services that are disabled the less anyone can screw with it, even on a non-networked machine.
Don't ever let the machine leave your sight. If you have to put it away, lock it in a safe. Do something to the safe that will enable you to tell if someone's blackbagged you - something like the trick of wedging a matchstick in your door when you leave, but something more concealed. If you find the matchstick on the ground when you return, someone's opened your door.
Best of all don't use a computer for anything of real importance. You can find out why you shouldn't by reading The Forum on Risks to the Public in Computers and Related Systems for a while.
Michael D. Crawford
GoingWare Inc
-
Re:My /home is encrypted
I tried the same thing. Loopback encrypted /home on a samba server. I know the cleartext network traffic and the windows client defeats the purpose somewhat, but I was more worried about someone burglarizing my computer than breaking into my network while it was running.
-Performance wasn't bad on a K6-2 400. With 128bit Serpent I got 1 MB/s vs 4.5 MB/s for unencrypted files.
-The 2GB filesize limit means you can't make one big loopback filesystem for the whole disk.
-Patching and recompiling the losetup and mount utilities (part of linux-utils) is a pain. Make sure the linux-utils version exactly matches the one that the patch has.
Here's some help for people who want to try it:
Linux kernel crypto patches
encrypted loopback HOWTO
-
Some places to start
There are a number of good places to look on the web, including:
Info on Loopback Encryption
Information on using CFS (useful)
Faster Option and another. These people have gone about it a different way.
-
The Easiest Encryption to Break
The easiest message to crack is the message that is not encrypted at all.
Most encryption software is still too hard to use. This plays into the hands of those who would spy on us because they don't even have to try hard.
PGP is more approachable now on Windows than it was back in the command-line-only days, but it is also a huge program.
What we need is for everyone to be using encryption all the time. Encryption should just be the standard, not the exception.
My client asked me to email her my source code, and I made her download PGP and send me a public key. It took some persuading to get her to do it. But I don't have the sense that she's going to be continuing to use it, I think that she only did it to humor me.
I encrypt everything of value on my laptop with PGPDisk under windows and the Linux encrypting kernel under Linux - so if my laptop gets stolen the thieves get nothing of value to them and my client's trade secrets are not revealed.
A friend's office was once broken into and all of his computers were stolen. They got all of his source code, his customer sales database, and all of his sales and support correspondence.
Are you protected against such an event?
-
crypto stuff
What I'm waiting for is them to open up restrictions enough to let these guys get their patches added to the main linux kernel tree. I think it's a shame that linux is lagging behind OpenBSD due to our country's legal hangups over crypto. This is good news.. I just hope it's enough.
-
Encrypt Casually and Regularly
If you worry as I do that people snoop on the Internet, then you should use encryption. Don't just use encryption for important secret messages, use it all the time so that the snoopers won't be able to tell when you're up to something they should be paying attention to. Even if you have nothing to hide, generating encrypted traffic on the net improves its overall security because it makes it more difficult for crackers to focus on those who appear to have something going because they use encryption (even encryption is subject to traffic analysis).
Please read my page Why You Should Use Encryption.
If you get your mail from and put web pages on a hosting service, then at a minimum you should use one that provides secure shell (ssh) and secure copy (scp) access. One such hosting service that does is Seagull Networks. Does anyone know any others?
When you retrieve your email via POP or load a web page via FTP your password is being transmitted in the clear. You have no control over which routers and cables it passes through in the process, so you have no way of knowing if someone's running a sniffer on a compromised host. Usually you have no knowledge even of the route, unless you go to the trouble to run traceroute regularly.
You can download your email via an encrypted channel with ssh port forwarding if your mail host provides ssh. The instructions given are oriented to the BeOS but apply in general to any OS for which an SSH client exists.
If you run a website that uses passwords please consider allowing the users to enter their passwords via SSL (https).
If you use websites that require passwords, please use a different password for each site. At the very least, use a unique password for your important sites, like your email, web pages and financial sites. If you keep the passwords in a file (which you may have to do because there are so many sites that take passwords), encrypt the file.
Be aware that most sites that have passwords do not encrypt them, otherwise they wouldn't be able to send you your password reminder in clear text. I've even used sites that mailed out password reminders in the clear every couple months just to prompt me to use the service. Note that anyone at the site who has root access, anyone who compromises the site or anyone running a sniffer on or near the site will be able to catch your passwords.
Also I think it is very likely that many websites are provided for no other purpose than to collect passwords for later use by crackers - beware of that free trial and use a unique password if you must accept the offer!
Use the anonymizer or, if you have Windows 95 or 98, Freedom to protect your privacy while you web surf.
Finally, do you use a laptop computer? Do you have files on it that you don't wish to share with the random stranger who might steal it someday? How about your competitors? A thief won't likely be in the direct employ of your competitors but they may recognize the value of the information and sell it to them, or even post it on the net for fun.
And remember in this information age the information on our computers is more valuable than the hardware itself, and unlike car stereos can continue providing value to a thief because, once it is fenced, it is still available to be fenced again.
Depending on your OS, you should use PGPDisk or the Linux encrypting kernel on your laptop.
Consider encrypting important information on your desktop too. A friend of mine who is a software developer lost every machine in his company in a robbery - source code, strategic plans, and the customer database.
I know of two cases where laptops were stolen from intelligence agents, once during the Gulf war, and once from an MI5 agent while he'd set it between his legs at a train station. Good thing they used encryption!
Finally, read the Forum on Risks to the Public in Computers and Related Systems available on the Usenet News as comp.risks and on the web at http://catless.ncl.ac.uk/Risks
Tilting at Windmills for a Better Tomorrow
-
Encrypt casually and frequently
Please read my page Why You Should Use Encryption. This explains why ordinary people, even your mother and your kids, ought to be using secure encryption.
Also read my note Secure Email Download with SSH on the Be Tip Server. While the tip is BeOS specific, the basic ideas work fine on other operating systems.
Of course, to download your mail via SSH, you'll need a hosting service that provides it at their end, which is why I recommend Seagull Networks. Note that if you upload content to your website with FTP, you're exposing your password to network sniffers. Seagull Networks allows you to use secure copy (scp) for this so your password remains secure.
Finally, I use the Linux Encrypting Kernel under Linux and PGPDisk under Windows to keep important personal info like my Quicken checkbook, and confidential business information like the source code I'm writing for my clients encrypted on my laptop so the thieves won't have them if my computer is stolen.
With either one you can create a big file that when mounted with a passphrase is accessible like any ordinary filesystem. I have even found that I can run MPEG movies off a PGPDisk with no loss in playback quality on my laptop which has a 450 MHz Pentium III.
Finally read the Forum on Risks to the Public in Computers and Related Systems for significant discussions on privacy issues. It is available as comp.risks on the Usenet News and on the web at http://catless.ncl.ac.uk/Risks/.
Do you think Microsoft takes care to protect your privacy when designing its products? Guess again.
The scary MSWord residue feature
I recently received a legal document as part of a personal negotiation that I am doing. The document was e-mailed to me in MSWord format. As I was showing it to my lawyer (who happens to be my wife), we decided to put our thoughts inline using the track changes feature of word. After selecting Tools, and Track Changes, we clicked on "Highlight changes in document" and voila, suddenly a whole bunch of red appeared on the screen. We looked at it closely and realized that everything in red represented changes in the document that my counterpart's lawyer had written. We got a good look at the previous version of the contract, as well as a bunch of comments and justifications that the lawyer wrote to his client. It was an eye opening experience.
It appears that instead of selecting "Accept all changes" before sending it to me, the other party to the contract simply turned off the highlighting to the track changes feature.
This is obviously a case of an unsophisticated person misusing a feature. However, it is very dangerous. Lawyers send word documents around all the time, and many of them do not really understand all the features that they use, nor should they have to. I imagine that I was not the first person to see some behind the scenes conversation in an important word document, that I was never intended to see.
-
Encrypted filesystems
...a story about one of the Northwest Airlines employees whose hard drives were searched by Northwest's lawyers...
That's what encrypted filesystems are for:
http://www.kerneli.org/loopback-encrypted-filesystem.html
-
Use encryption regularly and casually
I subscribe to the notion that just about any traffic on the Internet ought to be encrypted, just for the hell of it, whether it has any interesting info in it or not.
I'd like to see Slashdot, for example, have the option of being served up on 128-bit SSL. I mean all the pages on the site. It would probably be best for the slashdot folks if this were done with hardware encryption support.
For one thing, encrypting all one's casual traffic helps to provide cover for people who really do have something to hide.
I recommend using a web hosting service which provides secure shell login access. One such web hosting service is Seagull Networks. Here is how I retrieve my POP mail through SSH port forwarding. The tip entry gives BeOS specific instructions but the basic idea should work on any platform for which SSH is available.
And yes I know my email is sent to seagull in the clear, but what this does is generate encrypted traffic (generally a good thing) and also prevents my ISP from snooping on me unless they hack into my hosting service.
If you work in a company and are concerned that your employer may be snooping on your personal email (you're not mailing out your resume are you? Know how an ethernet sniffer works?) then you should definitely use SSH for your mail.
Also on my laptop I use PGPDisk to encrypt my Quicken Checkbook and source code on NT, and the Linux Encrypting Kernel to encrypt source code on Linux. If someone steals my laptop, my clients won't have all their trade secrets stolen too.
Mike
-
Accept that govt won't change. Use crypto for all!
All remote access is done over SSH. gpg handles individual files. All the important data is hidden inside blowfish encrypted filesystems, drive partitions routed through a loop device with crypto (kernel 2.2.12, with int patch, linux-utils patch, get 'em here) so if feds bust in and rip out all my linux boxen they will be unable to mount most filesystems without the passparagraph (not merely a password, but a whole paragraph with a few key typos, easy to remember for me, impossible to guess or bruteforce). The extra secure filesystems are routed through two or three loop devices each with a different crypto method (blowfish+serpent+idea). Oddly enough, things don't run all that slowly on the 450MHz AMD K6-2. Many failed attempts to crack root or user accounts or other detected cracking attempts will auto umount the crypto filesystems in case they try to 'get the data while it's still mounted'. There's also huge files of random data in there too which don't decode to anything. Or files with two file systems inside. One 'fake' one, which I grudgingly give up the password for after cracking under the lights (which contain minor offenses stuff like some warez or banking info), and the real one offset after that.
The lesson is that someone is always monitoring you. You can never stop them, or get them to stop, or even know they all stopped even if they did. So use crypto everywhere and then you won't have to worry. After all, feds never deciphered Mitnick's encrypted files, did they?
Just because you're paranoid doesn't mean they really aren't all out to get you.
Note: the above is probably all just made up fiction.
-
M$ Cryptofs?
"....a new Encrypting File System that lets you designate volumes on which files are automatically stored using encryption."
Hmm. So Microsoft can export this? If the export laws are such a non-issue nowadays, maybe it's time to integrate the International Kernel Patch into the kernel source tree?
-- Loki@work.
-
Re:This is bad...
Are there any good fully-encrypted filesystems out there yet? Linux-compatibility would be a plus...
Linux can encrypt filesystems (entire disks if you want). Check http://www.kerneli.org/ for more information and the required patches.
-
Re:that's all nice, but
I will also wait for the international kernel patch to upgrade since there are fixes and new features that apply to me also, but I've already downloaded the patch so I have that much less downloading. And since you mentioned the International kernel patch we should point everybody to the place that tells them what it is and how they can set up an encrypted filesystem with it.
The International Kernel Patch
and the encrypted FS howto is here:
loopback encrypted filesystem HOWTO
-
Slow Mirrors... and want crypto???
Well I just noticed that also has linux-2.2.14 and they have a lot of crypto in the kernel that isn't in the official kernel.
(That is why they don't put it on u.s. mirrors... (Crypto-regulations...))
-
Re:Not Good Enough
Someone needs to just open a Strong Encryption company outside the US (Mexico? That's where I'd put the factory anyhow) and start mass-shipping crypto-enabled software and phones to the US.
It's called www.kerneli.org. They have a pretty good ftp site, too :)
-
Re:It's maybe ok?
Try either TCFS, CFS, or loopback encryption. I currently use loopback, but am going to check out CFS and TCFS in the near future. TCFS claims to be an extended, improved CFS.
Patches also exist to auto-mount your home directory on login if it exists on a loopback encrypted filesystem.
-
I do know of something comparable for Linux
ftp.kerneli.org has a set of international patches to the kernel which include encryption support for the loopback device. You can encrypt a partition or a file containing a filesystem image. It supports blowfish and several AES candidates.
gnupg 1.0.0 is available as an rpm in ftp://ftp.replay.com/pub/crypto/incoming/gnupg-1.0.0-1.i386.rpm
Alternatively, you can create the rpm yourself: rpm -tb gnupg-1.0.0.tar.gz will automatically compile and package it to an RPM.
-
Woo hoo!
Funny how just last night I started an FTP of kernel 2.2.1...
On a related note, can anyone give a brief synopsis of what the patches @ www.kerneli.org add to the kernel?