Domain: unisa.it
Stories and comments across the archive that link to unisa.it.
Comments · 9
-
Re:low unemployment compared to europe
In Western Europe only the big countries of France, Germany, Italy and Spain generally have higher unemployment than the US. This paper argues that most countries in western Europe - Norway, Sweden, the Netherlands and so on tend to have lower unemployment. If you believe that paper, it's a mistake to lump all of Western Europe in one basket. (It's also pretty funny to see those horribly socialist countries like Sweden and Norway with lower unemployment than the US
:-) (Although Sweden is now closer to the US rate, Norway is still below.) -
Re:Replication
I started to retort about how easy it would be to build self replicating lego robots, then I got a clue and used google.
It's been done, as a college project.
The materials certainly are not just details when you're comparing
1) premade legos
2) smelting materials yourself from ore
3) molecules with valences, electric fields, and thermal motion
But I agree with you: if we can do it with one set of materials, it is very likely we can do it with the others. Smalley, however, holds fast that we can't build "real molecular nanotechnology", although as far as I can tell he keeps moving the line of his definition of real molecular nanotechnology, since even he can't refute that cells do it. -
Re:Webcam exploits...
GSM's not perfect But seriously, (probably) nobody cares enough to hack into your house. When was the last time you checked your telephone system for bugs?
-
Kernel Patches for Encrypted FSYou can download TCFS (Transparent Cryptographic File System) from http://tcfs.dia.unisa.it/
It seems to be usable, if not blindingly fast.
-
Some places to start
There are a number of good places to look on the web, including:
Info on Loopback Encryption
Information on using CFS (useful)
Faster Option and another. These people have gone about it a different way. -
Why so much data?
Hey!
I may be missing something here, but what good encryption system would need 20GB of random data? What is that, like half your hard disk space? if you want to do a sort of XOR job, then encrypting the random data, you'd need that much, but 20GB? that's a lot of hard disk space.
I'd go for something different if I were you. I like the look of TCFS but I'm fairly new to Linux so I don't think I'll be using it just yet. Here's an ectract from the security HOWTO:
"6.10. CFS - Cryptographic File System and TCFS - Transparent Cryptographic File System
CFS is a way of encrypting entire directory trees and allowing users to store encrypted files on them. It uses an NFS server running on the local machine. RPMS are available at http://www.zedz.net/redhat/, and more information on how it all works is at ftp://ftp.research.att.com/dist/mab/.
TCFS improves on CFS by adding more integration with the file system, so that it's transparent to users that the file system that is encrypted. More information at: http://edu-gw.dia.unisa.it/tcfs/.
It also need not be used on entire filesystems. It works on directory trees as well."
You could try either of them. As I may have said, I like the look of TCFS. The website in the qoute may have been removed, if so, I know it's availiable at http://tcfs.dia.unisa.it/.
The Linux Journal has a good article that you could also look at.
Just my $0.02
Michael Tandy
-
Re:It's maybe ok?Try either TCFS, CFS, or loopback encryption. I currently use loopback, but am going to check out CFS and TCFS in the near future. TCFS claims to be an extended, improved CFS.
Patches also exist to auto-mount your home directory on login if it exists on a loopback encrypted filesystem.
-
The only file systems which guard against this...
The only file systems which could help guard against this type of attack would be a cryptographic file system or a steganographic file system.
-
So what about crypto file systems, anyway?I have a laptop. I have, periodically, searched around for information on how to use a cryptographic file system. I've found a few references to CFS:
- In the Security HOWTO;
- RPMs at replay.com;
- Matt Blaze's developer-oriented announcement message;
- And something called TCFS that claims to be an ``improved'' version of CFS.
There is something notable missing from all of these pages: simple, easy-to-follow instructions on how to install and effectively (and securely!) use a file system like this.
From the dearth of documentation, I get the feeling that this has only ever been attempted by file-system gurus, which means that I wouldn't even want to consider attempting it, because reformatting my disk and reinstalling the system is not something I look forward to.
Here is what I would like to end up with:
- I power on my machine;
- Early in the boot process, it prompts me for a pass-phrase;
- If I don't type the correct one, the machine is useless, and all non-trivial data on the disk is encrypted;
- If I do type the pass-phrase, the machine boots up normally;
- When I put the machine into suspend mode, it again prompts me for a pass-phrase when I try and un-suspend. If I don't type it, the machine remains effectively halted until I get it right.
Is this dream even remotely realizable?
Basically, the situation I want to protect against is simply that of the laptop being stolen while I'm away from the keyboard -- whether it is powered on at the time, or powered off.
The problem here is that the usual crypto-heads are the types who use ssh and pgp and are already used to having to perform nontrivial system-administration tasks to get things up and running, and who don't mind wading through a command-line alphabet soup to do simple tasks, all day long. What we need is someone who is both a crypto-head, and who understands that their agenda is best served by taking the time to make this software be drool-proof.
It doesn't matter how good the math is if no real users are actually using it. Crypto is only effective if widely deployed. If not, those few who use crypto stand out for targetting.