IBM Running Linux On Secure Hardware

Schmad writes: "IBM announced at LinuxWorld today that IBM Research and Cryptographic Appliances have Linux running on FIPS 140 Level 4 hardware. Imagine, Linux running in a totally secure environment! Peter Gutmann, father of the crypto toolkit cryptlib, has some things to say about it here."

Re:Is this thing REALY secure?

[dasunt]

The encryption algorithms are secure. You can find more then a few solid encryption schemes available on the net if you look. Others that I trust say the mathmatics behind them are sound, and that by today's standards, breaking them would be difficult, if not impossible, even with the resources the feds have.

So, if you never keep your key on the hard drive, and instead only keep it in ram, having to manually retype it every time you want something, there is no possibility of anyone rebooting and having easy access to your encrypted data (if you disclude the possibility of unencrypted stuff showing up in swap, and with memory prices the way they are, I'd just throw a gig of ram at the problem and turn swap off.) If I had such a setup (and I don't, I'm a windows luser that is content with E4M), that actual encryption scheme and the way it was carried out would be secure to my heart's content.

Now, if this data is very important to you, I would only decrypt it when nessessary. That way, if the feds come, the chance of you having the data accessable is small. If you need to remotely access the data and it has to be up all the time, then you are in more trouble. However, it seems that when the feds do seize your equipment, they remove it, with removal, the power is turned off, and the memory is thus cleared. If you are really paranoid, just setup something in the door that as soon as its opened, it resets the power of the computer. Actually, it would be trivial for a skilled person to setup a nice motion sensor hooked up to the computer that can be remotely turned on/off, and if turned on, would reset the computer if it detects motion.

Just my $.02