Kali Linux On a Raspberry Pi (A/B+/2) With LUKS Disk Encryption

← Back to Stories (view on slashdot.org)

Kali Linux On a Raspberry Pi (A/B+/2) With LUKS Disk Encryption

Posted by samzenpus on Monday March 9, 2015 @07:46AM from the check-it-out dept.

An anonymous reader writes With the advent of smaller, faster ARM hardware such as the new Raspberry Pi 2 (which now has a Kali image built for it), we've been seeing more and more use of these small devices as 'throw-away computers'. While this might be a new and novel technology, there's one major drawback to this concept – and that is the confidentiality of the data stored on the device itself. Most of the setups do little to protect the sensitive information saved on the SD cards of these little computers.

37 comments

Min score:

Reason:

Sort:

Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 07:53 · Score: 1

There's already a full-fledged distro for the RPi. Why not just use its encryption features?
1. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 08:35 · Score: 1
  
  kali linux is totally pointless and the clueless twits behind it need to get back to the tech support desk, call volume peaks at 11 AM.
  this distro is also produced by a ridiculous "hacking" school/worthless diploma mill that for a fee will make a Hax0r out of you and give you a certificate in pen testing suitable for framing. it is a complete scam.
  witless jackassery of the most foolish variety is responsible for kali linux and its "hacking dojo" as they all it.
  bullshit. complete bullshit.
2. Re:Why are Raspbian and Encryption orthogonal? by hamjudo · 2015-03-09 08:36 · Score: 3, Interesting
  
  They are not orthogonal. This should have been titled "if you are going to use Kali Linux on a Raspberry Pi, here is how to encrypt it".
  Kali Linux is designed for penetration testing, among other things. The logs from a penetration test are valuable to dark hats. The advantage of doing this from a Raspberry Pi, is that they are cheap enough to send to each branch of a company, so each network can be individually tested. Sometimes this means that physical security is difficult to ensure. It would be very embarrassing to lose a system during an internal audit. It could quite easily turn into a career ending event, if that led to a security breach.
  Disclaimer: I've never used Kali Linux, nor did I look closely at this technique to see if there is something stupid in the instructions.
3. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 08:40 · Score: 0
  
  it is a big wad of shit for brains stupid. all around, up and down, side to side pointless is what kali linux is.
4. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 08:55 · Score: 0
  
  Kali seems to be an extension of Back Track; BT seemed to me to be a reasonably handy distro to have if you wanted a bunch of security tools by default. But I'm no expert in this stuff - what would you suggest? CentOS or Ubuntu plus a bunch of repos, or install all the tools from source?
5. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 08:57 · Score: 0
  
  kali linux is totally pointless and the clueless twits behind it need to get back to the tech support desk, call volume peaks at 11 AM.
  this distro is also produced by a ridiculous "hacking" school/worthless diploma mill that for a fee will make a Hax0r out of you and give you a certificate in pen testing suitable for framing. it is a complete scam.
  witless jackassery of the most foolish variety is responsible for kali linux and its "hacking dojo" as they all it.
  bullshit. complete bullshit.
  Didn't get your Kali certificate, did you?
6. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 09:00 · Score: 0
  
  i don't need a worthless certification from a pack of absolute nobodies with a fly by night Scam Academy. no one anywhere takes these goofballs seriously.
7. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 09:05 · Score: 0
  
  Kali Linux has this awesome Dragon on the CD. it is so metal dude! That dragon has a lot of skills and doesn't fear anybody!
8. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 09:08 · Score: 0
  
  if you aren't using slack or gentoo, don't call yourself a 'hacker'....
9. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 10:01 · Score: 0
  
  As someone actually going through this school, I'm going to go out an a limb here, and say you have absolutely, positively no idea what you are talking about, or referring to. CEH/CPT, those are bs certs worth nothing more than framing. OSCP/OSCE, you actually learn something.
10. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 10:19 · Score: 0
  
  whatever you say mr. reggae hacker mon
11. Re:Why are Raspbian and Encryption orthogonal? by Anonymous Coward · 2015-03-09 17:33 · Score: 0
  
  Let's just simplify that to "don't call yourself a 'hacker'...."
  Your accomplishments stand by themselves.
12. Re:Why are Raspbian and Encryption orthogonal? by Barsteward · 2015-03-09 23:04 · Score: 1
  
  nah... don't call yourself a 'hacker' unless you use http://www.linuxfromscratch.or...
  
  --
  "The hands that help are better far than lips that pray." - Robert Ingersoll (1833-1899)
13. Re:Why are Raspbian and Encryption orthogonal? by ZorglubZ · 2015-03-16 10:52 · Score: 1
  
  I thought the prime requisite was using Suicide Linux... http://sourceforge.net/project...
Kali linux is a joke by Anonymous Coward · 2015-03-09 08:30 · Score: 0

a dubious distro put together by script kiddies and oh gosh! it comes with a bundle of script kiddie hax0r shit so you don't have to DOWNLOAD IT!
there is nothing innovative here. at all.
and their dumbass brogrammer website plays reggae!
it is 2015 and the last thing, the _very_ last thing needed by mankind is NOT another fucking linux distro.
the 90's are calling, boys. the 90's wants its stuff back.
1. Re:Kali linux is a joke by Anonymous Coward · 2015-03-09 09:08 · Score: 0
  
  Clearly Kali is a joke since it has not embraced the wonder that is systemd.
2. Re:Kali linux is a joke by Barsteward · 2015-03-09 23:05 · Score: 1
  
  yet.....
  
  --
  "The hands that help are better far than lips that pray." - Robert Ingersoll (1833-1899)
Why not just install other crypto? by Anonymous Coward · 2015-03-09 08:39 · Score: 0

Is there anything keeping you from installing LUKS on any other Raspberry Pi? Is this a story for any other reason than you can now install Kali Linux to avoid typing the three commands required to get it working on any other Pi distro?
1. Re:Why not just install other crypto? by Anonymous Coward · 2015-03-09 08:47 · Score: 0
  
  nope. what this article is is nothing but an ill thought out marketing stunt for a worthless distro and the even more worthless "hacking school" scam behind it.
Performance? by fisted · 2015-03-09 09:08 · Score: 2

Oh yeah please. Make it even slower.

--
CLI paste? paste.pr0.tips!
1. Re:Performance? by Anonymous Coward · 2015-03-09 09:50 · Score: 0
  
  Exactly for a small performance decrease you've just made you data a couple magnitudes more secure against any nefarious agents.
2. Re:Performance? by fisted · 2015-03-09 15:53 · Score: 1
  
  Yes, if by "small" you mean "large".
  
  --
  CLI paste? paste.pr0.tips!
3. Re:Performance? by facetube · 2015-03-10 01:29 · Score: 1
  
  And if by "large" you mean "I was definitely saturating all four of those 900MHz ARMv7 cores, so much so that the highly-concurrent in-kernel crypto layer couldn't keep up with the relatively low I/O bandwidth of a MicroSD card", then... sure. It'd probably suck pretty hard on the single-core 700MHz v1, but the second-generation unit is considerably better equipped.
4. Re:Performance? by fisted · 2015-03-10 02:36 · Score: 1
  
  You do realize that the vast majority of raspis in the wild are Model Bs, though, right?
  
  --
  CLI paste? paste.pr0.tips!
5. Re:Performance? by facetube · 2015-03-10 04:31 · Score: 1
  
  I do; it just doesn't seem unusual for new distribution features to target emerging or even in-development hardware. A $35 credit-card sized board that can perform full-disk encryption acceptably seems like it'd be valuable even without a large installed base.
hardware support? by Eunuchswear · 2015-03-09 09:16 · Score: 2

Does the SOC in tbe Rasbery PI 2 have hardware encryption support? 'cos it's going to be pretty slow without it.

--
Watch this Heartland Institute video
1. Re:hardware support? by Anonymous Coward · 2015-03-09 11:29 · Score: 0
  
  It's ok though, because the (under) performance of the SD card or USB storage more than overshadows an extra couple of percent overhead.
2. Re:hardware support? by facetube · 2015-03-09 12:20 · Score: 1
  
  And it has 4 900MHz ARMv7 cores. Unless you're running something compute-intensive that saturates all four of those cores, the excess CPU capacity combined with the relatively slow SD storage means you probably won't even notice the overhead.
New Macbook Air: 500+ comments, this crap: ~20 by Anonymous Coward · 2015-03-09 10:36 · Score: 0

No one even cares about Lin-sux on slashdot!
Think different.
Think BETTER.
Think Apple.
1. Re:New Macbook Air: 500+ comments, this crap: ~20 by Anonymous Coward · 2015-03-09 11:33 · Score: 0
  
  Indeed. Anything different than Apple is bound to be BETTER.
SD card security is easy by Anonymous Coward · 2015-03-09 11:23 · Score: 0

SD cards are orders of magnitude easier to secure than regular hard drives. To secure a hard drive you need screwdrivers with weird shaped heads, pliers, hammers and all manner of hardware. All you need for an SD card is to remove and microwave.
1. Re:SD card security is easy by Anonymous Coward · 2015-03-09 15:02 · Score: 0
  
  A gun can secure a hard drive pretty reliably against all but the NSA... good luck putting the resulting platter shards back together...
  For that matter, simply having a raid 6 array and destroying enough disks such that the array cannot be rebuilt.
Ya but... by Anonymous Coward · 2015-03-09 12:12 · Score: 0

...can it run SCO?
Marketing? by Anonymous Coward · 2015-03-09 18:45 · Score: 0

Why are people still wasting their money on this? there are plenty, more advanced embedded boards at about the same price....
I guess I will never understand hype.
And yes, I had an Apple device once, then I realized that every upgrade of the OS is only intended to slow the device and change mostly the UI without adding any value.
1. Re:Marketing? by Half-pint+HAL · 2015-03-09 23:54 · Score: 2
  
  Why are people still wasting their money on this? there are plenty, more advanced embedded boards at about the same price....
  The Pi has the advantage of near uiquity -- you don't have to write anything new or faff about too much with configuration, as someone has already done it for you.
  The Pi should have become a reference platform for low-processor-power computing, but then they decided to go for a non-commodity part and locked out interoperability at the hardware level....
  
  --
  Got them moderator blues I blieve I walk out the do', With these mod-points I been gettin', I 'most never post no mo'