[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: rootkit and 10 minutes ?
Jean-Luc Cooke wrote:
>USB key stores (or floppies) with a password encrypted keyfile to decrypt
>your FS is a bit better. Make the kernel prompt this, not user land. So the
>hacker would have to recompile the kernel to get your password/file/key.
>Making the "10min" problem a "30-60min" problem.
>
>JLC - participated in too many of the "crypto isn't enough" rants.
>
>
>
It makes no difference if its userspace or not; just make the filesystem
encrypted with a large key stored on your keychain (the USB type) and
don't store it on the system _at all_. You want to make it almost as
difficult as a full keyspace search (since they can still cryptanalyse
the drive against known filesystem structures).
--
Michael T. Babcock
C.T.O., FibreSpeed Ltd.
http://www.fibrespeed.net/~mbabcock
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/