[opensuse] Cautionary tale re encrypted HOME directory
When I installed 12.1 I encrypted (for the first time) my HOME directory. Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD. Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD? The answer is YES. I attached the external to another computer and am able to read all the files in that backup. FYI. BC -- The wise man does at once what a fool does finally. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/30/2012 7:44 PM, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD.
Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD?
The answer is YES. I attached the external to another computer and am able to read all the files in that backup.
perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org). the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/31/2012 01:10 PM, zep wrote:
On 1/30/2012 7:44 PM, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD.
Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD?
The answer is YES. I attached the external to another computer and am able to read all the files in that backup.
perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org).
the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password.
But still, you have to think along the lines of: I am encrypting a disk, or a partition. Files while they are on that disk or partition are encrypted. If you copy them somewhere else (to a disk or partition that is not encrypted), then they're not going to be encrypted on that device. The story is different if you specifically encrypt a file with GPG (or whatever) then copy that encrypted file elsewhere. This is an important difference between block-level and file-level operations. BTW, http://en.wikipedia.org/wiki/Key_disclosure_law is worth a read. Regards, Tim -- Tim Serong Senior Clustering Engineer SUSE tserong@suse.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 31/01/12 15:14, Tim Serong wrote:
On 01/31/2012 01:10 PM, zep wrote:
On 1/30/2012 7:44 PM, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD.
Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD?
The answer is YES. I attached the external to another computer and am able to read all the files in that backup.
perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org).
the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password.
But still, you have to think along the lines of: I am encrypting a disk, or a partition. Files while they are on that disk or partition are encrypted. If you copy them somewhere else (to a disk or partition that is not encrypted), then they're not going to be encrypted on that device.
The story is different if you specifically encrypt a file with GPG (or whatever) then copy that encrypted file elsewhere.
This is an important difference between block-level and file-level operations.
Ah, so there is a difference and which probably explains what happened in my case.
BTW, http://en.wikipedia.org/wiki/Key_disclosure_law is worth a read.
Thanks for this. Will now read this. BC -- The wise man does at once what a fool does finally. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tuesday 31 January 2012 15:14:30 Tim Serong wrote:
The story is different if you specifically encrypt a file with GPG (or whatever) then copy that encrypted file elsewhere.
This is an important difference between block-level and file-level operations.
You really don't want to have file level encryption on your entire /home. You would need to enter your encryption key every time a file was opened. Once for .bashrc, once for .bash_history, once for .profile etc etc etc. A scheme like that would last exactly 5.4 seconds, then you'd reformat with something sane Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/31/2012 04:52 PM, Anders Johansson wrote:
On Tuesday 31 January 2012 15:14:30 Tim Serong wrote:
The story is different if you specifically encrypt a file with GPG (or whatever) then copy that encrypted file elsewhere.
This is an important difference between block-level and file-level operations.
You really don't want to have file level encryption on your entire /home. You would need to enter your encryption key every time a file was opened. Once for .bashrc, once for .bash_history, once for .profile etc etc etc.
A scheme like that would last exactly 5.4 seconds, then you'd reformat with something sane
Good point :) It's worth mentioning, you can (or should be able to somehow - I haven't tried lately) do block-level encryption on an external hard disk, same as you can for a disk/partition that's physically inside your system. So, backup files to the encrypted block device from your encrypted /home partition, and life is (or should be) good/sane. Cheers, Tim -- Tim Serong Senior Clustering Engineer SUSE tserong@suse.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 31/01/12 17:02, Tim Serong wrote:
On 01/31/2012 04:52 PM, Anders Johansson wrote:
On Tuesday 31 January 2012 15:14:30 Tim Serong wrote:
The story is different if you specifically encrypt a file with GPG (or whatever) then copy that encrypted file elsewhere.
This is an important difference between block-level and file-level operations.
You really don't want to have file level encryption on your entire /home. You would need to enter your encryption key every time a file was opened. Once for .bashrc, once for .bash_history, once for .profile etc etc etc.
A scheme like that would last exactly 5.4 seconds, then you'd reformat with something sane
Good point :)
It's worth mentioning, you can (or should be able to somehow - I haven't tried lately) do block-level encryption on an external hard disk, same as you can for a disk/partition that's physically inside your system. So, backup files to the encrypted block device from your encrypted /home partition, and life is (or should be) good/sane.
I like this idea very much. Can you suggest how this could be achieved considering that I am using an external USB HDD which, at the moment, is totally formatted in ntfs (Ok, no drama in splitting it into 2 halves as before with 50% ntfs and 50% ext4)? Thanks muchly. BC -- The wise man does at once what a fool does finally. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Basil Chupin wrote:
I like this idea very much.
Can you suggest how this could be achieved considering that I am using an external USB HDD which, at the moment, is totally formatted in ntfs (Ok, no drama in splitting it into 2 halves as before with 50% ntfs and 50% ext4)? Thanks muchly.
Truecrypt works with both Windows and Linux and portable drives can be moved between the two and should work with any suitable FS. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/02/12 00:02, James Knott wrote:
Basil Chupin wrote:
I like this idea very much.
Can you suggest how this could be achieved considering that I am using an external USB HDD which, at the moment, is totally formatted in ntfs (Ok, no drama in splitting it into 2 halves as before with 50% ntfs and 50% ext4)? Thanks muchly.
Truecrypt works with both Windows and Linux and portable drives can be moved between the two and should work with any suitable FS.
Thanks, James, shall investigate. BC -- "If I were a rich man, yubbydibbydibbydibbydibbydibbydibbydum. All day long I’d biddybiddybum, if I were a wealthy man. Which probably explains why I’m not." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 31/01/12 16:52, Anders Johansson wrote:
On Tuesday 31 January 2012 15:14:30 Tim Serong wrote:
The story is different if you specifically encrypt a file with GPG (or whatever) then copy that encrypted file elsewhere.
This is an important difference between block-level and file-level operations. You really don't want to have file level encryption on your entire /home. You would need to enter your encryption key every time a file was opened. Once for .bashrc, once for .bash_history, once for .profile etc etc etc.
A scheme like that would last exactly 5.4 seconds, then you'd reformat with something sane
"5.4 seconds" if not earlier :-) . But having stated this, I have noticed that after I type in the passphrase after the system (12.1) boots there is a noticeable delay before I get the login menu (to actually enter the system). This did not happen before 12.1. Which leads to the question: has this delay something to do with my having encrypted the /home directory or some other reason? BC -- The wise man does at once what a fool does finally. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 31/01/12 13:10, zep wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD.
Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD?
The answer is YES. I attached the external to another computer and am able to read all the files in that backup.
On 1/30/2012 7:44 PM, Basil Chupin wrote: perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org).
the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password.
From where I am sitting, this is as useless as the encryption which I am now using on my /home directory. It doesn't matter how many partitions and layers of wotnots you have - they will only work on the CURRENT system and partitions. Copy files to another medium and.....anyone can read them. The only way that this encryption would work is to encrypt each and every FILE with some GPG, or similar, key. But what would be the overhead, eh?! :-( Of course I have no idea how this encryption works in openSUSE and it may just be a bug in the encryption system in 12.1 - I just don't know. All I know at the moment is what I learnt earlier today from personal experience. BC -- The wise man does at once what a fool does finally. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/31/2012 12:44 AM, Basil Chupin wrote:
On 31/01/12 13:10, zep wrote:
On 1/30/2012 7:44 PM, Basil Chupin wrote:
From where I am sitting, this is as useless as the encryption which I am now using on my /home directory. It doesn't matter how many partitions and layers of wotnots you have - they will only work on the CURRENT system and partitions. Copy files to another medium and.....anyone can read them.
I don't quite understand this; with the model I mentioned before, you'd have all your data stored in a file which is then mounted as a partition. if you wanted to back up the files, the cleanest and easiest way would be to unmount the partition, attach the external media, copy the entire large file out to external media, remount and everything's done.
The only way that this encryption would work is to encrypt each and every FILE with some GPG, or similar, key.
No, I don't think that's the way it'd be done. At least you'd have to go to great lengths to implement it this way. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 31/01/12 23:48, zep wrote:
On 31/01/12 13:10, zep wrote:
On 1/30/2012 7:44 PM, Basil Chupin wrote: From where I am sitting, this is as useless as the encryption which I am now using on my /home directory. It doesn't matter how many partitions and layers of wotnots you have - they will only work on the CURRENT system and partitions. Copy files to another medium and.....anyone can read them. I don't quite understand this; with the model I mentioned before, you'd have all your data stored in a file which is then mounted as a
On 1/31/2012 12:44 AM, Basil Chupin wrote: partition. if you wanted to back up the files, the cleanest and easiest way would be to unmount the partition, attach the external media, copy the entire large file out to external media, remount and everything's done.
I am not sure if we are on the same wavelength but when my home directory was encrypted during installation I ended with a separate partition which is specifically identified on my system as another device and it shows up in Dolphin, eg, as "362GB Encrypted Container".
The only way that this encryption would work is to encrypt each and every FILE with some GPG, or similar, key. No, I don't think that's the way it'd be done. At least you'd have to go to great lengths to implement it this way.
BC -- "If I were a rich man, yubbydibbydibbydibbydibbydibbydibbydum. All day long I’d biddybiddybum, if I were a wealthy man. Which probably explains why I’m not." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2012-02-03 at 11:48 +1100, Basil Chupin wrote:
On 31/01/12 23:48, zep wrote:
I don't quite understand this; with the model I mentioned before, you'd have all your data stored in a file which is then mounted as a partition. if you wanted to back up the files, the cleanest and easiest way would be to unmount the partition, attach the external media, copy the entire large file out to external media, remount and everything's done.
I am not sure if we are on the same wavelength but when my home directory was encrypted during installation I ended with a separate partition which is specifically identified on my system as another device and it shows up in Dolphin, eg, as "362GB Encrypted Container".
You can make sure it is a partition with "mount" and "losetup -a" In both cases (partition or loop mounted file) you can dump an encrypted backup with dd. And yes, you can encrypt an external disk on usb. Or a DVD. I have written the procedure on several occasions. - -- Cheers, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iEYEARECAAYFAk8sdW4ACgkQtTMYHG2NR9UStQCfcy7zGlGpw4xM9QinNvnpR4FH gHAAniv9xUEhZC4paOvStPGEG1gVA6DM =PGTM -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Basil Chupin wrote:
perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org).
the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password.
From where I am sitting, this is as useless as the encryption which I am now using on my /home directory. It doesn't matter how many partitions and layers of wotnots you have - they will only work on the CURRENT system and partitions. Copy files to another medium and.....anyone can read them.
They can only be read if stored on unencrypted media. Trucrypt can also be used to provide encryption on portable devices. So, regardless of how you encrypt your hard drive, copy to the encrypted portable drive. Also, there's no reason why you can't encrypt the drive you use for backup with the normal Linux encryption. https://en.wikipedia.org/wiki/Truecrypt -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/31/2012 7:54 AM, James Knott wrote:
Basil Chupin wrote:
perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org).
the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password.
From where I am sitting, this is as useless as the encryption which I am now using on my /home directory. It doesn't matter how many partitions and layers of wotnots you have - they will only work on the CURRENT system and partitions. Copy files to another medium and.....anyone can read them.
They can only be read if stored on unencrypted media. Trucrypt can also be used to provide encryption on portable devices. So, regardless of how you encrypt your hard drive, copy to the encrypted portable drive. Also, there's no reason why you can't encrypt the drive you use for backup with the normal Linux encryption.
https://plus.google.com/u/0/118440353893255425460/posts/GA5krGa5HqC There's obvious problems with all of this at least as stated so far. Once you write the software to do that, the bad guys (your own government/police) know all about it and will know exactly how to tell that you gave them the safe password and will have some tool to detect the difference in total data size or something. Or they just don't use your kernel on your hard drive to decrypt and access your hard drive, they use their own with the the ability to tell immediately that it was fed a safe-type password and not even bother really using it, similarly, their own machine would simply decline to write anything to the drive at all so no destroying the secret data. But actually this ends up proving how stupid the whole "we're the big bad bully cops and we said give us your password or else so you better!" is. Without needing any fancy new functionality added to existing simple drive encryption, you can still thwart the people trying to "force" you to divulge a password very easily. Just generate at least one drive image that really is nothing but random bytes, and tell them that you did so. From the outside, the random and the real filesystems look the same. If you tell them a password and it only decrypts one filesystem, they can tell that there is more space that they haven't decrypted, and they can say "give us the rest or else!" but no amount of coercion can make random data that never was a filesystem into a real filesystem, and so they have no legal basis to penalize or restrain you. Maybe you DID give them all there was to give. They can't prove that you didn't. I wonder if that ladies lawyer thought of this. She could use this argument right now already even after the fact, just by demonstrating how it could be done. It seems to me this might be part of the very reason why we have the rule that says you don't have to incriminate yourself. It's not to allow bad guys to get away with things. It's to prevent cops from torturing people until they say what the cops want to hear, regardless if it's really true or not. If you make a random block of data on your disk, and then for whatever reason the cops grab your disk and demand you give them the password to decrypt that block of data, you would be absolutely honest when you say it's not possible because it's not actually data. But they would never believe you. And that's why it IS ILLEGAL despite what that idiot judge said, to force someone to divulge a password. There is no way to know that you didn't cooperate fully, so it's illegal to treat you as though you didn't -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/02/12 04:48, Brian K. White wrote:
On 1/31/2012 7:54 AM, James Knott wrote:
Basil Chupin wrote:
perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org).
the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password.
From where I am sitting, this is as useless as the encryption which I am now using on my /home directory. It doesn't matter how many partitions and layers of wotnots you have - they will only work on the CURRENT system and partitions. Copy files to another medium and.....anyone can read them.
They can only be read if stored on unencrypted media. Trucrypt can also be used to provide encryption on portable devices. So, regardless of how you encrypt your hard drive, copy to the encrypted portable drive. Also, there's no reason why you can't encrypt the drive you use for backup with the normal Linux encryption.
https://plus.google.com/u/0/118440353893255425460/posts/GA5krGa5HqC
There's obvious problems with all of this at least as stated so far.
Once you write the software to do that, the bad guys (your own government/police) know all about it and will know exactly how to tell that you gave them the safe password and will have some tool to detect the difference in total data size or something. Or they just don't use your kernel on your hard drive to decrypt and access your hard drive, they use their own with the the ability to tell immediately that it was fed a safe-type password and not even bother really using it, similarly, their own machine would simply decline to write anything to the drive at all so no destroying the secret data.
But actually this ends up proving how stupid the whole "we're the big bad bully cops and we said give us your password or else so you better!" is.
Without needing any fancy new functionality added to existing simple drive encryption, you can still thwart the people trying to "force" you to divulge a password very easily.
Just generate at least one drive image that really is nothing but random bytes, and tell them that you did so.
From the outside, the random and the real filesystems look the same. If you tell them a password and it only decrypts one filesystem, they can tell that there is more space that they haven't decrypted, and they can say "give us the rest or else!" but no amount of coercion can make random data that never was a filesystem into a real filesystem, and so they have no legal basis to penalize or restrain you. Maybe you DID give them all there was to give. They can't prove that you didn't.
I wonder if that ladies lawyer thought of this. She could use this argument right now already even after the fact, just by demonstrating how it could be done.
It seems to me this might be part of the very reason why we have the rule that says you don't have to incriminate yourself. It's not to allow bad guys to get away with things. It's to prevent cops from torturing people until they say what the cops want to hear, regardless if it's really true or not.
If you make a random block of data on your disk, and then for whatever reason the cops grab your disk and demand you give them the password to decrypt that block of data, you would be absolutely honest when you say it's not possible because it's not actually data. But they would never believe you. And that's why it IS ILLEGAL despite what that idiot judge said, to force someone to divulge a password. There is no way to know that you didn't cooperate fully, so it's illegal to treat you as though you didn't
Sorry for not pruning what you said above, but does this cover what you are saying?: http://en.wikipedia.org/wiki/Truecrypt BC -- "If I were a rich man, yubbydibbydibbydibbydibbydibbydibbydum. All day long I’d biddybiddybum, if I were a wealthy man. Which probably explains why I’m not." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Ah well.... http://www.theregister.co.uk/2012/02/03/apple_disc_crypto_broken/ <quote> Passware claims the latest version of its toolkit (Passware Kit Forensic v11.3) can also unlock volumes encrypted using TrueCrypt, a disk encryption software that ranks alongside PGP as the choice of privacy-conscious computer users, human rights activists and others. </quote> -- "The wide world is all about you: you can fence yourselves in, but you cannot for ever fence it out." -- JRR Tolkien, -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 04/02/12 07:11, Anton Aylward wrote:
Ah well....
http://www.theregister.co.uk/2012/02/03/apple_disc_crypto_broken/
<quote> Passware claims the latest version of its toolkit (Passware Kit Forensic v11.3) can also unlock volumes encrypted using TrueCrypt, a disk encryption software that ranks alongside PGP as the choice of privacy-conscious computer users, human rights activists and others. </quote>
I think that you also could have quoted this from the article: QUOTE Cracking Mac OS X Lion's FileVault encryption using the technology requires physical access to a targeted machine, and the presence of a working FireWire port. As such, it's not much use for remote hack attacks. The encryption keys of password-protected machines cannot be extracted unless machines are turned on. If an attacker can get hold of a machine that's already switched on or where no password protection is applied then the full key extraction process "takes no more than 40 minutes - regardless of the length or complexity of the password," Passware claims. UNQUOTE BC -- Aspire to inspire before you expire. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Basil Chupin said the following on 01/31/2012 12:44 AM:
Of course I have no idea how this encryption works in openSUSE and it may just be a bug in the encryption system in 12.1 - I just don't know. All I know at the moment is what I learnt earlier today from personal experience.
Sorry, I don't see what your problem is. You have an encrypted partition. To mount it you need to give the key so the system can read it. Once its mounted it behaves like a normal file system because its the file system not the files that are encrypted. So of course if you copy using file oriented tools like cp, rsync, cpio, tar ... which can read the files, the output will be clear. And even if you copy with DD -- WHILE THE FILE SYSTEM IS MOUNTED - it will be in the clear. I repeat: its the encryption at the block level, not the file level. There is no bug in 12.1 You have no idea how encryption works ... but really you do. You've just forgotten that its the block you've encrypted not the files. -- "...there is no reason anyone would want a computer in their home." Ken Olson, President, Chairman, and Founder of DEC, 1977 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 31/01/12 23:56, Anton Aylward wrote:
Basil Chupin said the following on 01/31/2012 12:44 AM:
Of course I have no idea how this encryption works in openSUSE and it may just be a bug in the encryption system in 12.1 - I just don't know. All I know at the moment is what I learnt earlier today from personal experience. Sorry, I don't see what your problem is.
You have an encrypted partition. To mount it you need to give the key so the system can read it. Once its mounted it behaves like a normal file system because its the file system not the files that are encrypted.
So of course if you copy using file oriented tools like cp, rsync, cpio, tar ... which can read the files, the output will be clear.
And even if you copy with DD -- WHILE THE FILE SYSTEM IS MOUNTED - it will be in the clear.
I repeat: its the encryption at the block level, not the file level.
There is no bug in 12.1
You have no idea how encryption works ... but really you do. You've just forgotten that its the block you've encrypted not the files.
<SIGH> I said that I didn't know how the encryption worked on the home partition which v12.1 encrypted - and I damn well meant it so don't say that I "...really do"! It's only in this thread that I now discovered that there is block-level encryption and file-level encryption. Don't ever assume anything! Remember, "Assumption is the mother of all f***-ups!" BC -- "If I were a rich man, yubbydibbydibbydibbydibbydibbydibbydum. All day long I’d biddybiddybum, if I were a wealthy man. Which probably explains why I’m not." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Monday, January 30, 2012 09:10:59 PM zep wrote:
On 1/30/2012 7:44 PM, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD.
Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD?
The answer is YES. I attached the external to another computer and am able to read all the files in that backup.
perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org).
the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password.
I like this idea. What would be interesting is if you could add a third password that would do something to the data. For example, if just giving the bad guy a fake password is enough ok, then show him your boy scout data. But if the bad guy is going to really dig into the disk, then maybe you need to use the "third" password that overwrites all the private data while the bad guy is looking over your boy scout data. Another thing you've got to think about. It seems that most countries are kidnapping and enslaving people for up to 2 years for not giving the password. You've got to think about this, which is worse the 2 years or however many years they enslave you for whatever is on the disk. It could be that 2 is better. Jim in Germany -- Check out my stamp & postcard collection! Yankee GO HOME! Anti-US Propaganda on stamps, postcards, envelopes, and labels http://yankeegohome.18-t.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tuesday 31 January 2012 11:44:58 Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD.
Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD?
The answer is YES. I attached the external to another computer and am able to read all the files in that backup.
You could back up the partition with dd to an image file, then it would stay encrypted. Or you could use a backup program that supports encrypting its output. But as long as the backup program reads files using the standard file system interface, they are going to get decrypted on the fly just like they are for any other program Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 31/01/12 17:02, Anders Johansson wrote:
On Tuesday 31 January 2012 11:44:58 Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD.
Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD?
The answer is YES. I attached the external to another computer and am able to read all the files in that backup. You could back up the partition with dd to an image file, then it would stay encrypted.
Another excellent idea -- it's a toss-up between this and what Tim suggested.
Or you could use a backup program that supports encrypting its output. But as long as the backup program reads files using the standard file system interface, they are going to get decrypted on the fly just like they are for any other program
I am not too sure about going thru a backup program which also has all these conditions :-( . (Flip a coin: Tim or you? :-D .) BC -- The wise man does at once what a fool does finally. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tuesday 31 January 2012 17:32:01 Basil Chupin wrote:
You could back up the partition with dd to an image file, then it would stay encrypted.
Another excellent idea -- it's a toss-up between this and what Tim suggested.
Tim's idea is better. If you do the dd thing, you have to remember that you can only do it while the partition is unmounted, otherwise you are going to end up with a corrupt file system on the image (because things are cached in RAM which dd won't know about), so you couldn't do it in the background while you do other things. With Tim's idea of encrypting the backup hard drive as well, you could Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 2012-01-31 at 11:44 +1100, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8,
I did a backup of my /home to an external HDD.
This is where you went wrong... If you make a backup to (lets say) /backup that might be located on an external device, you should have taken care that the filesystem that lies underneath /backup is _also_ encrypted. So when mounting /home/user_abc you should be prompted for a password. And when mounting /backup (before backup_or_restore) you should also be promted for [different] password-or-PIN. btw, there are harddrives that do entire drive encrption in their drive-bios, but i should not trust their strength..... hw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/31/2012 1:02 PM, Hans Witvliet wrote:
On Tue, 2012-01-31 at 11:44 +1100, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8,
I did a backup of my /home to an external HDD.
This is where you went wrong...
If you make a backup to (lets say) /backup that might be located on an external device, you should have taken care that the filesystem that lies underneath /backup is _also_ encrypted.
Exactly. The whole thread is a tempest in a teapot of misunderstanding. The encrypted partition/drive was unlocked (key supplied) when mounted and as such the files were accessible completely unencrypted. How else could they possibly be used by any Linux application? You might be able to unmount, and then dd the partition, but any method that involves copying the contents of an OPEN encryption container is going to yield unencrypted results. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/02/12 08:22, John Andersen wrote:
On 1/31/2012 1:02 PM, Hans Witvliet wrote:
On Tue, 2012-01-31 at 11:44 +1100, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8,
I did a backup of my /home to an external HDD.
This is where you went wrong...
If you make a backup to (lets say) /backup that might be located on an external device, you should have taken care that the filesystem that lies underneath /backup is _also_ encrypted.
Exactly.
The whole thread is a tempest in a teapot of misunderstanding.
But not necessarily all attributable to 'misunderstanding', John. I posted my message with two aims in mind: to warn others who, like myself, thought that the data in their encrypted /home is safe even when back-upped; and to learn why the data could be read when copied over. So, the basis for my post was ignorance in the second instance and trying to warn others as the prime reason. BC -- "If I were a rich man, yubbydibbydibbydibbydibbydibbydibbydum. All day long I’d biddybiddybum, if I were a wealthy man. Which probably explains why I’m not." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/02/12 08:02, Hans Witvliet wrote:
On Tue, 2012-01-31 at 11:44 +1100, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD. This is where you went wrong...
If you make a backup to (lets say) /backup that might be located on an external device, you should have taken care that the filesystem that lies underneath /backup is _also_ encrypted.
So when mounting /home/user_abc you should be prompted for a password. And when mounting /backup (before backup_or_restore) you should also be promted for [different] password-or-PIN.
btw, there are harddrives that do entire drive encrption in their drive-bios, but i should not trust their strength.....
hw
Thanks for this. As I stated, I didn't know how the encryption worked because I have never bothered with it. But I have learnt a lot from all the comments made in this thread and I have been "heducated" somewhat on this subject :-) . I shall now go away and have a look at how to encrypt my external HDD. BC -- "If I were a rich man, yubbydibbydibbydibbydibbydibbydibbydum. All day long I’d biddybiddybum, if I were a wealthy man. Which probably explains why I’m not." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Basil Chupin <blchupin@iinet.net.au> [02-02-12 20:21]:
Thanks for this. As I stated, I didn't know how the encryption worked because I have never bothered with it. But I have learnt a lot from all the comments made in this thread and I have been "heducated" somewhat on this subject :-) . I shall now go away and have a look at how to encrypt my external HDD.
Just make sure you use "open source" to do it, not that included in the drive mechanics or your computer hardware. -- (paka)Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 http://en.opensuse.org openSUSE Community Member Registered Linux User #207535 @ http://linuxcounter.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 03/02/12 12:53, Patrick Shanahan wrote:
* Basil Chupin<blchupin@iinet.net.au> [02-02-12 20:21]:
Thanks for this. As I stated, I didn't know how the encryption worked because I have never bothered with it. But I have learnt a lot from all the comments made in this thread and I have been "heducated" somewhat on this subject :-) . I shall now go away and have a look at how to encrypt my external HDD. Just make sure you use "open source" to do it, not that included in the drive mechanics or your computer hardware.
Thanks, Patrick. Fortunately I don't have any hardware that has this feature - possibly something which I may be buying in the foreseeable future in which case I definitely will not use it. BC -- "If I were a rich man, yubbydibbydibbydibbydibbydibbydibbydum. All day long I’d biddybiddybum, if I were a wealthy man. Which probably explains why I’m not." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2012-02-03 at 13:17 +1100, Basil Chupin wrote:
On 03/02/12 12:53, Patrick Shanahan wrote:
Just make sure you use "open source" to do it, not that included in the drive mechanics or your computer hardware.
Thanks, Patrick. Fortunately I don't have any hardware that has this feature
Actually, you do. :-) - -- Cheers, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iEYEARECAAYFAk8sd2QACgkQtTMYHG2NR9XBGACfS7H8+frtP0TB7RYh+rUKF0yB CXMAnRr02vKNORsWdNWhR3TqqF7jOJCK =Df7H -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 04/02/12 11:10, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Friday, 2012-02-03 at 13:17 +1100, Basil Chupin wrote:
On 03/02/12 12:53, Patrick Shanahan wrote:
Just make sure you use "open source" to do it, not that included in the drive mechanics or your computer hardware.
Thanks, Patrick. Fortunately I don't have any hardware that has this feature
Actually, you do. :-)
I does? Tells me about it. Puleeze :-) . BC -- Aspire to inspire before you expire. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 03/02/12 12:53, Patrick Shanahan wrote:
* Basil Chupin<blchupin@iinet.net.au> [02-02-12 20:21]:
Thanks for this. As I stated, I didn't know how the encryption worked because I have never bothered with it. But I have learnt a lot from all the comments made in this thread and I have been "heducated" somewhat on this subject :-) . I shall now go away and have a look at how to encrypt my external HDD. Just make sure you use "open source" to do it, not that included in the drive mechanics or your computer hardware.
Just a follow-up to what I wrote earlier. I just read the wikipedia entry for TrueCrypt and now found that in 12.1 there is REALCRYPT v7.0a-2.6 which is rebranded TrueCrypt (to allow for alterations to be made - GPL licencing I guess). Any contras to my installing REALCRYPT in Yast? BC -- "If I were a rich man, yubbydibbydibbydibbydibbydibbydibbydum. All day long I’d biddybiddybum, if I were a wealthy man. Which probably explains why I’m not." -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2/2/2012 8:01 PM, Basil Chupin wrote:
On 03/02/12 12:53, Patrick Shanahan wrote:
* Basil Chupin<blchupin@iinet.net.au> [02-02-12 20:21]:
Thanks for this. As I stated, I didn't know how the encryption worked because I have never bothered with it. But I have learnt a lot from all the comments made in this thread and I have been "heducated" somewhat on this subject :-) . I shall now go away and have a look at how to encrypt my external HDD. Just make sure you use "open source" to do it, not that included in the drive mechanics or your computer hardware.
Just a follow-up to what I wrote earlier.
I just read the wikipedia entry for TrueCrypt and now found that in 12.1 there is REALCRYPT v7.0a-2.6 which is rebranded TrueCrypt (to allow for alterations to be made - GPL licencing I guess).
Any contras to my installing REALCRYPT in Yast?
BC
Basil - I have been using both RealCrypt and TrueCrypt for years now... Both work fine, are interchangeable and are well thought out. Had no troubles installing RealCrypt via Yast. One of your worries, being forced to divulge the password is also covered. You can have a hidden encrypted volume within another encrypted volume, which requires a separate password to unlock. If force to "give up" a password, you give the password for the outer encrypted volume. There is no way to determine if an inner encrypted volume even exists, thus giving you plausible denial ability.... I dunno about encrypting your entire home directory, never tried to... I simply create the encrypted volume(s) somewhere convenient and mount it with RealCrypt when I need to access it. I do this both on my internal hard drives, and on portable USB drives with no problems... HTHs Marc... -- "The Truth is out there" - Spooky -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Marc Chamberlin wrote:
One of your worries, being forced to divulge the password is also covered.
Somebody wrote a steganographic filesystem too, but I haven't looked for it recently: http://en.wikipedia.org/wiki/StegFS (pretty old stuff).
You can have a hidden encrypted volume within another encrypted volume, which requires a separate password to unlock. If force to "give up" a password, you give the password for the outer encrypted volume. There is no way to determine if an inner encrypted volume even exists, thus giving you plausible denial ability....
http://en.wikipedia.org/wiki/Steganographic_file_system -- Per Jessen, Zürich (-11.5°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (15)
-
Anders Johansson -
Anders Johansson -
Anton Aylward -
Basil Chupin -
Brian K. White -
Carlos E. R. -
Hans Witvliet -
James Hatridge -
James Knott -
John Andersen -
Marc Chamberlin -
Patrick Shanahan -
Per Jessen -
Tim Serong -
zep