From owner-freebsd-hackers@FreeBSD.ORG  Wed Feb 27 07:12:49 2008
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5D3E51065684
	for <freebsd-hackers@freebsd.org>; Wed, 27 Feb 2008 07:12:49 +0000 (UTC)
	(envelope-from atom@smasher.org)
Received: from atom.smasher.org (atom.smasher.org [69.55.237.145])
	by mx1.freebsd.org (Postfix) with SMTP id 1EADE13C45B
	for <freebsd-hackers@freebsd.org>; Wed, 27 Feb 2008 07:12:48 +0000 (UTC)
	(envelope-from atom@smasher.org)
Received: (qmail 61176 invoked by uid 1000); 27 Feb 2008 02:12:21 -0000
Message-ID: <20080227021221.61175.qmail@smasher.org>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Date: Wed, 27 Feb 2008 15:12:18 +1300 (NZDT)
From: Atom Smasher <atom@smasher.org>
In-Reply-To: <9111966B-DB9C-41E3-9D30-168D668585A9@bnc.net>
MIME-Version: 1.0
OpenPGP: id=0xB88D52E4D9F57808; algo=1 (RSA); size=4096;
	url=http://atom.smasher.org/pgp.txt
References: <20080223010856.7244.qmail@smasher.org>
	<20080223222733.GI12067@redundancy.redundancy.org>
	<31648FC5-26B9-4359-ACC8-412504D3257B@bnc.net>
	<47C345C9.8010901@geminix.org>
	<9111966B-DB9C-41E3-9D30-168D668585A9@bnc.net>
To: freebsd-hackers@freebsd.org
X-POM: The Moon is Waning Gibbous (69% of Full)
X-Hashcash: 1:20:0802270212:freebsd-hackers@freebsd.org::Rpcs9P/w9+HHodY+:000000
	0000000000000000000000004ftB
Subject: Re: Security Flaw in Popular Disk Encryption Technologies
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Feb 2008 07:12:49 -0000

On Tue, 26 Feb 2008, Achim Patzner wrote:

> You might want to take a look at eNova (http://www.enovatech.net/) who 
> are pointing at interesting hardware using their crypto technology.
=================

the idea of closed-source hardware-based crypto disk drive may appeal to 
some, but i've seen too many similar things fail through stupidity, 
malice, etc.

http://www.schneier.com/blog/archives/2004/10/the_doghouse_le.html
http://www.google.com/search?q=%22crypto+ag%22+nsa

one probably wouldn't have to look hard for more examples of "secure 
hardware" that isn't secure. there's just no way that hardware crypto can 
provide the peace of mind that open-source crypto does (or maybe my 
tin-foil hat is too tight).


-- 
         ...atom

  ________________________
  http://atom.smasher.org/
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

 	"No two men are alike, and both of them are happy for it."
 		-- Morris Mandel