On Tue, Mar 15, 2016 at 08:59:43PM +0100, Denis 'GNUtoo' Carikli wrote: > Hi, > > Edward Snowden will be giving the keynote of this year's Libreplanet. > I saw a video of him speaking at an IETF event, remotely. People had > many questions, many technical. > > So I was thinking that we, the libreboot community, could prepare a > list of questions before the event. > > We would for instance explain what is libreboot and ask questions > related to it. > > For instance I'm personally very interested in activists threat model, > that includes resisting to targeted physical attacks. > > Currently, the most used setup (to my knowledge) to resist such attacks > consists in: > - An FSF certified computer with libreboot. > - GRUB in the BIOS flash, that can open encrypted rootfs. > - The full rootfs (including /boot) encrypted with LUKS. > - GRUB password and nail polish/glue seals to prevent reflashing by an > attacker. The idea is to create random patterns that would be hard > to reproduce or restore if the seals are broken. Pictures of it are > taken, and the users verifies that the pattern matches before > entering the passphrase. > - The laptop would be configured to prevent external connectors from > providing DMA channels to the system's RAM, before the users enters > the passphrase. > - The embedded controller firmware is non-free, we should probably fix > that. > > Another approach would be a chromebook-like security model combined > with Tails instead of chromeOS. Unfortunately that's not implemented > yet. > > I wondered how safe was the former kind of setup, for instance: > -> Is the default aes-xts-plain64 cipher (with a 256 or 512 bit key > size) resistant to malicious HDD firmware. Here the firmware would > deliberately and actively try to attack the cryptography. I'm also > supposing that the SATA interface won't give it access to the > system's RAM, because its DMA is between the HDD and the SATA > controller. I hope that there are no bugs that permits access to > the system's RAM. > Would authenticated cryptography affect it in any way? > -> How to learn to not be able to give the HDD passphrase if we want to. > Do the hands have to learn the passphrase but not the brain? > > And more generally: > -> To what extent is the intelligence community targeting individual > free software developers involved the development of privacy > enhancing software. > Is it always possible for such individual developer to know this is > happening. > To what extent does that affect the ability of such person to > continue working on privacy enhancing software (where the individuals > are aware of it, and when they are not)? > -> What are the differences between handling the security of individual > people and an organization. > For instance an organization would tend to man in the middle TLS to > look for data exfiltration. > An individual would, on the contrary, use the tor-browser. > What(between organizations and individuals) would be more efficient > for activism. Here I'm assuming that surveillance makes activism > less efficient. > > The question don't target any specific country or political system, so > the answer might differ accordingly. > > Maybe someone has ideas to improve the list, and/or to add questions to > it > > PS: Note that I can't come to libreplanet this year. > > Denis.
i wont be able to be there, i hope someone find some of this interesting too and can ask & transcript the answers! 8) some questions about all this "privacy, data security and firmware" stuff: - i like libreboot & see the uefi boot system comming, self signed boot roms and CA's: will this be as strong as it seems? - IoT, PxE, AMT, iME, SoC's, mobile phones, wearables, drones, firms & chips everywhere!: are the firmwares the "only-one" "flag" to capture? what can we do with undocumented chip/ports features, from an atheist perspective ;)? are there trusted hardware manufacturers? i miss a trusted link in the platform :,( FSF-libreboot-<hardware>-user - Tempest attacks, aka 'chip exfiltrations to reverse cryptographyc keys': how close is this to be "in the wild"? are there some key meassures that someone can take to avoid this? - the net, open source, activism, information leaks, the growing and needed share knowledge global culture 8,): appart from keep on going with libreboot, what can we do better? what else? join others? love to snowden, smart, honor, and big courage, all a human can bring with him and be proud of D
