subject:"Re\: \[Arm\-netbook\] hardware encrypted flash drive idea with gpl3 license"

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

2017-09-21 Thread Tor, the Marqueteur

On 09/21/2017 01:10 AM, Luke Kenneth Casson Leighton wrote:
...snip...
>  baiscally what i'm saying, with this story is: the tricky part will
> not be the software at all: the tricky bit will be getting a processor
> into a tamper-resistant, tamper-detecting box.
> 

I can't vouch for them, but ISTR a project on Crowd Supply to produce a
USB password storage device.  Been too long to recall how well it meets
the criteria for real security.

OT: I've recently gotten back to reading the list after all the list
emails got sent to spam for a while.

Tor

-- 
Tor Chantara
http://www.fineartmarquetry.com/
808-828-1107
GPG Key: 2BE1 426E 34EA D253 D583 9DE4 B866 0375 134B 48FB
  *Be wary of unsigned emails*

___
arm-netbook mailing list arm-netbook@lists.phcomp.co.uk
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
Send large attachments to arm-netb...@files.phcomp.co.uk

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

2017-09-21 Thread Luke Kenneth Casson Leighton

On Thu, Sep 21, 2017 at 11:16 AM, Philip Hands  wrote:

> Most of the time, what you're calling hardware is liable to just be
> software running on a different processor, perhaps in a box that has
> been glued shut such that it's less convenient for bugs to be found,
> fixed and patched.

 glued shut, electric fences added which electrocute the user, or run
the instruction "HCF" [Halt and Catch Fire.  mythical iinstruction
which was supposed to be in the 68000 or perhaps the 8086, but was
actually down to running a loop of instructions that flipped IO and
internal logic so hard that the processor overheated).  :)

the latest freescale has an on-board Cortex M0 i think it is, which is
ultra-low-power enough to run permanently on battery, so you can do
tamper-detection.

 you'll like this: when i was working for NC3A i was asked to help
with a little ethernet network box that transferred data from a
low-security environment to a high-security one.  the rule was simple:
absolutely no physical connection, and absolutely no data must travel
- ever from the high security level to the low security one.

 that *includes* ICMP packet responses which are normally used to
acknowledge and set up even a *UDP* connection.

 so somebody wrote a *modified* TCP stack which took out  the need for
ICMP traffic... but it went way waaay further than that.

 the metal box was implemented as an ultra-low power receiver /
transmitter pair, with a metal firebreak and a tiny hole between for
the radio signal to get through on a Coax cable (so that there was no
data leakage by emitted radio waves).

power was SEPARATELY provided on both sides of the box.

 then when it was confirmed 100% working, the ENTIRE BOX WAS
FLOODED WITH RESIN.

 bit of a heat problem, that

 baiscally what i'm saying, with this story is: the tricky part will
not be the software at all: the tricky bit will be getting a processor
into a tamper-resistant, tamper-detecting box.

l.

___
arm-netbook mailing list arm-netbook@lists.phcomp.co.uk
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
Send large attachments to arm-netb...@files.phcomp.co.uk

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

2017-09-21 Thread Philip Hands

zap  writes:

...
> also, hardware encryption is far stronger than software encryption.

Faster (potentially), maybe less open to side-channel attacks (if
properly designed), but I see no reason that the same algorithm
implemented in silicon would be any "stronger" than if it were in
software.

Most of the time, what you're calling hardware is liable to just be
software running on a different processor, perhaps in a box that has
been glued shut such that it's less convenient for bugs to be found,
fixed and patched.

Cheers, Phil.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY
___
arm-netbook mailing list arm-netbook@lists.phcomp.co.uk
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
Send large attachments to arm-netb...@files.phcomp.co.uk

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

2017-09-20 Thread zap



On 09/20/2017 04:14 PM, Christopher Havel wrote:
> Forgive my inevitable naivety with regard to this sort of thing, but can't
> gparted create encrypted partitions, and why wouldn't that be secure
> enough...? My understanding is that it still takes a few hundred years to
> crack AES encryption with a standard PC... and the average criminals who
> are likely to blackmail you, I can't imagine they're well funded enough to
> buy a supercomputer sufficient to pop the lid on those things in a
> reasonably timely fashion.
You could be right, but It would be a good thing for those who lose
things they don't want others to access. also, hardware encryption is
far stronger than software encryption.
>
> Of course, if you piss off the Russian Mob, that's different, at least
> potentially... but that's also a comparatively pretty rare circumstance,
> I'd think.
> ___
> arm-netbook mailing list arm-netbook@lists.phcomp.co.uk
> http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
> Send large attachments to arm-netb...@files.phcomp.co.uk


___
arm-netbook mailing list arm-netbook@lists.phcomp.co.uk
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
Send large attachments to arm-netb...@files.phcomp.co.uk

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

2017-09-20 Thread Christopher Havel

The hover text is pretty much my position on the subject -- although I've
been informed that it's a rather obsolescent conclusion. (...to which my
response almost always is, "I'm sorry, sir/madam/etc, but I'm all out of
kitchen foil." ;) )
___
arm-netbook mailing list arm-netbook@lists.phcomp.co.uk
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
Send large attachments to arm-netb...@files.phcomp.co.uk

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

2017-09-20 Thread Philip Hands

Christopher Havel  writes:

> Forgive my inevitable naivety with regard to this sort of thing, but can't
> gparted create encrypted partitions, and why wouldn't that be secure
> enough...? My understanding is that it still takes a few hundred years to
> crack AES encryption with a standard PC... and the average criminals who
> are likely to blackmail you, I can't imagine they're well funded enough to
> buy a supercomputer sufficient to pop the lid on those things in a
> reasonably timely fashion.
>
> Of course, if you piss off the Russian Mob, that's different, at least
> potentially... but that's also a comparatively pretty rare circumstance,
> I'd think.

Obligatory XKCD:   https://www.xkcd.com/538/  ;-)

Cheers, Phil.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY
___
arm-netbook mailing list arm-netbook@lists.phcomp.co.uk
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
Send large attachments to arm-netb...@files.phcomp.co.uk

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

Re: [Arm-netbook] hardware encrypted flash drive idea with gpl3 license

6 matches

Site Navigation

Mail list logo

Footer information