Slashdot Mirror


NetBSD's Crypto-Graphic Disk

An anonymous reader writes "Security-minded laptop users live in fear of theft, not only of their computer but also of their precious secret data. NetBSD's CGD project is a cryptographic virtual disk that can protect sensitive data while acting like a normal filesystem. Recently its author, Roland Dowdeswell, was interviewed and provided a lot of details, and made a comparison with Linux's Loop-AES, FreeBSD's GBDE, OpenBSD's svnd. This is a must-read for any laptop owner (and paranoid androids)!"

5 of 219 comments

  1. Cool, but for who? by jaymzter · · Score: 1, Insightful

    This is a great idea, honestly... but who runs NetBSD on their laptops? I'd posit that it's a relatively low amount of folks. So while this is cool, until the code migrates to a better known F/OSS OS it isn't much use in the real world.

    --
    If thou see a fair woman pay court to her, for thus thou wilt obtain love
  2. What a Load by Some+guy+named+Chris · · Score: 4, Insightful

    From the summary: "Security-minded laptop users live in fear of theft"

    Nice blanket generalization there. I'm security minded, use two laptops, and I don't live in fear. I mitigate risks. I use caution, but I don't live out my life in a state of fear, as your cliché-ridden statement says.

    Karma be damned, but I'm sick of people who use phrases without thinking what they actually mean.

  3. Re:TrueCrypt for Windows and Linux. by Anonymous Coward · · Score: 1, Insightful

    Although I have not used TrueCrypt myself, I have serious doubts about the fundamental insights that its developers have in cryptography. To develop secure cryptography software, understanding of the algorithms is much more important than actually implementing them.

    Take for example the Truecrypt FAQ. They state that "On legacy volumes, which are encrypted in CBC mode, data within each sector (sector is 512 bytes) are chained so when a block becomes corrupted, each successive block within the sector will become corrupted as well."

    Wrong. Using CBC (cipher block chaining), one corrupted encrypted block leads to two corrupted blocks after decryption, not an entire sector. This Wikipedia article explains it best: the red blocks indicate corrupted data.

    I have not examined Truecrypt further, but I can imagine that there could be more cryptographical mistakes. The people developing Truecrypt may be great programmers, but apparently no (big-name) academic cryptographists are involved (or I must have overlooked them).

    Personal note:

    I'm a cryptography student at ESAT (K.U.Leuven, Belgium), where among other things AES (Rijndael) was developed. Although I have not contributed to AES myself, I am being mentored by the same experts who were involved. Check my IP address if you want.

  4. Re:Interesting but not exactly new news by PhraudulentOne · · Score: 2, Insightful

    I create a strong-encrypted virtual disk image with banking, internet login, software key, and (un)related information.

    Pr0n...

    --
    You create your own reality - Leave mine to me.
  5. for a growing userbase by Anonymous Coward · · Score: 1, Insightful

    This is one example of how a F/OSS _becomes_ more popular. Don't count a runner out of a race which never ends.