Date: Fri, 16 May 2003 10:51:53 -0500
From: "Brandon D. Valentine"
To: Terry Lambert
cc: hackers@freebsd.org
cc: Stalker
Subject: Re: Crypted Disk Question

On Thu, May 15, 2003 at 11:23:52PM -0700, Terry Lambert wrote:
> >
> > You might just as well claim GEOM is useless because they could
> > always torture the password out of you - both views are equally
> > meritless.

Which password will they torture out of you? =)

There are disk encryption schemes which utilize multiple keys, each key unlocking a different layer of information.
These systems are designed, at least in part, to facilitate the partial release of information in a coercion scenario. Outwardly there is no way to determine whether the key you have been given fully unlocked the disk or whether you were only given partial access. The only way to verify that you have full and complete access to the disk contents is to already know the contents of the disk. That is information the key holder likely already knows but the attacker is not likely to. Even if the attacker knows you have utilized a multilayered system he can never be certain that you have given him complete access.

There are also ways that key information can be distributed such that different combinations of people are required to unlock different areas of the disk and no group is capable of unlocking the entire disk at once. This makes it very difficult to compromise the entire system. The number of people one would have to detain and coerce in order to unlock a preponderance of the information presents a practical problem for the attacker.

> That's incorrect. If the password is in my head, a court order isn't
> going to recover the data on the disk. If the password is recoverable
> with a court order because a court order gives physical proximity to
> the machine, then there is no reason to do it.

Just because the court orders you to unlock your disk you can choose not to do so. You will be held in contempt of court, possibly charged with obstruction of justice and most definitely jailed until you produce the key material. But, if the privacy of the contents of your disk is worth more to you than your freedom, you can continue to deny the court's request.

However, hiding information from a court of law is generally not the goal of encryption of this sort. The primary goal is to thwart espionage efforts -- either corporate or international.
You either want to protect your trade secrets from your competitors or you want to protect your national security assets from foreign powers. Personal information security is an incidental benefit of technology like this, but your personal encrypted information is only secure so long as you steer clear of the law.

A corporation under investigation can likely get a gag order placed on the court record so that any proprietary information is kept from competitors. If you're personally under criminal investigation you will likely be ordered to unlock your hard disk, which you will do because otherwise you will spend life in jail for contempt without the benefit of a jury trial (even if you're guilty a jury might let you off, which is the advantage to unlocking your drive). It is likely that any pertinent information recovered from your hard disk will be admitted into evidence and as a criminal defendant unless there are trade secrets on your hard drive which are relevant to the criminal investigation and which threaten your employer or personal business, you will probably have difficulty getting the court record sealed. Your private information will be made public at least in part.

There are Fifth Amendment arguments that could be made in the United States against coercing you to unlock your encrypted hard drive, but they're on shaky ground because the key itself is not incriminating, only the information the key unlocks is. The court would tend to think of that as ordering you to produce the combination to a safe which was thought to contain a murder weapon. The gun inside the safe incriminates you, but the combination does not do so directly so the Fifth Amendment does not apply. IANAL.

> A dongle is only useful if what you are talking about is something
> like a laptop. Even then, the operation is *not* "automated", as the
> original poster was requesting: it requires the user to physically
> attach the dongle when they are booting a laptop.
> At that point, it becomes the moral equivalent of a lock and key...
> which in no way gets rid of the act of applying the key to the lock,
> and so in no way could be termed "automatically unlocking the lock".

PHK's post in this thread explains one possible way to skin that cat.

Brandon D. Valentine
-- 
brandon@dvalentine.com http://www.geekpunk.net
Pseudo-Random Googlism: war is treason join the marijuana lawsuit
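The message above mentions distributing key information so that different combinations of people unlock different areas of the disk. The following is an added example, not part of the original message or of any FreeBSD code, showing one way to get that property with threshold secret sharing. The choice of Shamir's scheme, the field size, and the region and holder names are assumptions made for illustration.

```python
import secrets

P = 2**127 - 1  # prime modulus; all arithmetic is in GF(P)

def split(secret, k, holders):
    """Split `secret` so any k of `holders` can rebuild it: {holder: (x, y)}."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    shares = {}
    for x, name in enumerate(holders, start=1):
        y = 0
        for c in reversed(coeffs):      # Horner evaluation of the polynomial at x
            y = (y * x + c) % P
        shares[name] = (x, y)
    return shares

def combine(points):
    """Lagrange-interpolate the sharing polynomial at x = 0 from (x, y) points."""
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def build_regions(layout):
    """layout: {region: (k, [holders])} -> ({region: key}, {region: shares})."""
    keys, shares = {}, {}
    for region, (k, holders) in layout.items():
        keys[region] = secrets.randbelow(P)   # independent key per disk region
        shares[region] = split(keys[region], k, holders)
    return keys, shares

# Constructed layout: region and holder names are hypothetical.
LAYOUT = {
    "finance":  (2, ["alice", "bob", "carol"]),
    "research": (2, ["dave", "erin", "frank"]),
}

def demo():
    keys, shares = build_regions(LAYOUT)
    fin = shares["finance"]
    quorum = combine([fin["alice"], fin["carol"]]) == keys["finance"]
    single = combine([fin["alice"]]) == keys["finance"]               # below threshold
    cross = combine([fin["alice"], fin["bob"]]) == keys["research"]   # wrong region
    return quorum, single, cross
```

Because each region has its own key and its own disjoint set of holders, a quorum for one region learns nothing about another region's key. A real system would feed the recovered value through a key-derivation function before using it as a cipher key.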