On Monday, June 02, 2014 03:23:03 PM Matti Nykyri wrote:
> On Jun 2, 2014, at 16:40, "J. Roeleveld" <jo...@antarean.org> wrote:
> > On Monday, June 02, 2014 07:28:53 AM Rich Freeman wrote:
> >> On Mon, Jun 2, 2014 at 6:56 AM, Neil Bothwick <n...@digimed.co.uk> wrote:
> >>> On Mon, 02 Jun 2014 05:27:44 -0500, Dale wrote:
> >>>> The second option does sound what I am looking for. Basically, if I
> >>>> log out but leave my computer on, leave home, some crook/NSA type
> >>>> breaks in and tries to access something or steals my whole puter,
> >>>> they would just get garbage for data. That seems to fit the second
> >>>> option best.
> >>>
> >>> If they steal your computer they will have to power it off, unless you
> >>> are kind enough to leave them a large enough UPS to steal along with it,
> >>> so any encryption will be equally effective.
> >>
> >> If you're worried about casual thieves then just about any kind of
> >> properly-implemented encryption will stop them.
> >>
> >> If you're worried about a government official specifically tasked with
> >> retrieving your computer, my understanding is that it is SOP these
> >> days to retrieve your computer without powering it off for just this
> >> reason. They won't use your UPS to do it. Typically they remove the
> >> plug just far enough to expose the prongs, slide in a connector that
> >> connects it to a UPS, and then they pull it out the rest of the way
> >> now powered by the UPS.
> >>
> >> See something like:
> >> http://www.cru-inc.com/products/wiebetech/hotplug_field_kit/
> >
> > Hmm... Those are nice, but can be easily built yourself with an
> > off-the-shelf UPS.
> >
> >> Presumably somebody who is determined will also have the means to
> >> retrieve the contents of RAM once they seize your computer. Besides
> >> directly accessing the memory bus I think most motherboards are not
> >> designed to be secure against attacks from PCI/firewire/etc.
> >
> > Hmm... add something to auto-shutdown the computer when a hotplug event
> > occurs on any of the internal ports and remove support for unused ports
> > from the kernel.
> >
> > I wonder how they'd keep a computer from initiating a shutdown procedure
> > or causing a kernel panic when it loses (wireless) connection to another
> > device that is unlikely to be moved when powered up?
>
> Well, I have a switch in the door of the server room. It opens when you open
> the door. That signals the kernel to wipe all the encryption keys from
> kernel memory. Without the keys there is no access to the disks. After that
> another kernel is executed which wipes the memory of the old kernel. If you
> just pull the plug memory will stay in its state for an unspecified time.

You don't happen to have a howto on how to set that up?

> Swap uses random keys.
>
> network switches and routers get power only after firewall-server is up and
> running.

networked powersockets?

> There is no easy way to enter the room without wiping the encryption keys.
> Booting up the server requires that a boot disk is brought to the computer
> to decrypt the boot drive. Grub2 can do this easily. This is to prevent
> someone from tampering with a boot loader.
>
> System is not protected against hardware tampering. The server room is an
> RF-cage.
>
> I consider this setup quite secure.

Makes me wonder what it is you are protecting your server from. :)

--
Joost
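
Added example, not part of the thread and not Matti's actual setup: one way the "wipe the keys, then execute another kernel" step described above could be scripted for dm-crypt volumes. It assumes a tamper-sensor handler calls tamper_response, a second kernel was preloaded with `kexec -l`, and the script and its tools are resident in RAM; the function names and DRY_RUN are made up for illustration, and what the second kernel does to old memory is outside this sketch.

```sh
#!/bin/sh
# Added example: tamper response for dm-crypt volumes (not from the thread).
# Assumptions: a sensor handler (e.g. a door switch) calls tamper_response,
# a second kernel was preloaded with `kexec -l`, and this script plus
# dmsetup/kexec are resident in RAM (tmpfs), since suspended volumes block I/O.
# DRY_RUN=1 (the default) prints the commands instead of running them.
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Read `dmsetup ls --target crypt` output on stdin, print mapping names.
# Lines look like "name<TAB>(254:0)"; "No devices found" means none exist.
crypt_names() {
    awk '$0 != "No devices found" && NF { print $1 }'
}

# Read mapping names on stdin and wipe each volume key from kernel memory.
# dm-crypt only accepts "key wipe" while the device is suspended.
# --nolockfs skips the filesystem freeze so a sync cannot delay the wipe;
# unflushed writes are lost, which is the trade-off assumed here.
wipe_keys() {
    while IFS= read -r name; do
        run dmsetup suspend --nolockfs "$name"
        run dmsetup message "$name" 0 key wipe
    done
}

tamper_response() {
    # Listing mappings is read-only, so it runs even in dry-run mode.
    dmsetup ls --target crypt | crypt_names | wipe_keys
    # Jump straight into the preloaded kernel, skipping a normal shutdown.
    run kexec -e
}

if [ "${1:-}" = "--run" ]; then tamper_response; fi
```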