<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7655.8"> <TITLE>AW: RE Re: Ubuntu ISO Testing team: New buildnotification-whyUbuntu-Studio-devel Digest, Vol 56, Issue 2</TITLE> </HEAD> <BODY>  -----Ursprüngliche Nachricht----- Von: ubuntu-studio-devel-bounces@lists.ubuntu.com im Auftrag von Luke Kuhn Gesendet: Fr 12/2/2011 19:55 An: ubuntu-studio-devel@lists.ubuntu.com Betreff: Re: RE Re: Ubuntu ISO Testing team: New buildnotification-whyUbuntu-Studio-devel Digest, Vol 56, Issue 2 The function of encrypted disks is twofold. One is that, assuming an "evil maid" multi-visit attack is not the issue, it protects data in the event of a police raid or "burglary." The second is that recovery and failure to penetrate one such encrypted computer deters future raids and "burglaries," on grounds or limited manpower and resources. People don't fish in places where the fish don't bite. Doesn't work all the time, but as part of "defense in depth" it helps a LOT. They sure as hell never made another attempt to get computer information from me. There is a serious privacy concern in Ubuntu, hopefully not in Ubuntustudio by default-Zeitgiest, with so far lacks controls to turn off logging. I remove it, accept that Unity's menus won't work at all, and turn ~/.recently-used.xbel into a directory. This both protects people I give an unencrypted build of the OS I use (because they don't want to be bothered with memorizing a secure passphrase) ands removes a file of great use to a skilled attacker if one finds a way to read it online. The other factors you mention are beyond the scope of a default OS install for the most part. I will now discuss some of the measures that are used with encryption when it is necessary to presume that a national government and not just a local police department is the opposition. One should always prepare as though the most capable adversary they will face will be the opponent. I will now discuss encryption and computer "tradecraft" for this level: CRT monitors should never be use where security is an issue, their RF radiaiton is far too strong. In rural areas where you can control a large space and move back the listening post (LP), RF signals travel a hell of a long way. In urban areas they die really fast-but the LP could literally be on the other side of the wall, so that's a wash. In the US, the codeword for the defense against this mode of attack is "TEMPEST" and a tempested installation is one that is RF shielded, by shielding the room, the installation, or both against RF leakage. In the real world, RF chokes on power and other leads, an LED monitor, a case with NO plastic panels lacking metal backings, and reportedly not using analog VGA cables to the monitor all reduce RF leakage and force the LP to be much closer and more easily detected. I've never heard of a TEMPEST attack beng sucessfully used by the FBI against any activist in the US. If they have it and don't want to admit to it, the data becomes far less useful. ISP and phone snooping is another matter. No connection registered to the user by a real name is safe, no home connection is safe, even wireless broadband with GPS jammed and prepaid with fake personal info could be triangulated and the right house guessed-or ALL houses in the triangulation zone raided in some countries or low density areas. Assume your carrier copies everything you do and keeps it forever. Use SSL for any site that supports it. Presumably intellegence agencies can crack it, but Carnivore cannot, and neither can your ISP. What your ISP cannot read, they cannot pass on to the FBI. the secret police, or whoever. Just using Ubuntu instead of an Adroid or iOS smartphone and using it on the road is a big start, because the latter two OS's have been revealed to often contain commercial spyware alled "CarrierIQ" that reports back URL's visited, etc to the carriers. Once there, the security forces have access to it. Then we can get into MAC address spooking, disposable external USB wifi cards on the hardware side, and site selection on the user side. I would not worry about raw video files being copied over the Internet, that requires more bandwidth than most connections have. I suppose the FBI could order a cable provider to give them a fast connection into someone's system though. Raw photos this might be possible, same for text. Monitor your bandwidth, watch for suspicious activity or processes The "evil maid" boot keylogger attack is harder to implement against Ubuntu than against Truecrypt, as everyone's initramfs is a little different and the attack script will have to generate it locally without access to /etc/initramfs-tools, just the existing initramfs. There are no published reports of any intelligence service using this in the field, if this is an issue keeping /boot on a falsh drige on your physical keyring makes this attack impossible without access to that keyring. The real dangers, assuming you use disk encryption, are this: 1: ANY unencrypted email on ANY server containing infomation that cannot be told to a cop and a reporter at the same time. 2: A poorly-motivated member of the crew with custody of important information snitching under pressure-NEVER share passphrases between users! 3: :Weak passphrases vulnerable to dictionary or publised-writing attacks, widely used by the Secret Service. 4: : Smudges left on touch screens from password entry-this is a known and published from of pass-pattern recovery. 5: Using public access wifi without consideration for the locations of security cameras, or using the same site repeatedly for secure work. 6: Logging into personal email or social networking from any location while doing secure work 7:Browsers that snoop: Chrome or Chromium without turning off the spyware, ANY browser in it's default settings 8: THE WORST OFFENDER: Facebook! Don't use it at all. Full ACK especially regarding to Facebook :). 9: Google. They keep EVERYTHING, always use Tor and/or the Scroogle anonymizer to reach them --- No, I'm using google, even without customizegoogle plugin or similar, of cause not for important things, that might be against the policy of my country or against the one of the country a friend is living in. Scroogle for hits in German is bad. Tor is much to slow, if I like to watch porn ;). Pardon, to be serious again, anonymous surfing is very slow and anonymous mailing is safe regarding to security, but often mails don't reach the recipient and even if the recipient get the mail, it might be much too late. Media based guerilla war shouldn't be done by people that don't have an enormous knowledge about weak points regarding to computers and electronics. A default encryption of the hard discs doesn't help clueless people very much. And I'm sure our intelligence services aren't interested in your or my computer. If you or I should became focused they would "talk" to us, they aren't interested in our computes. The important thing for our local police are resources. So, China has many "dissidents", but less resources for encryption. The western world has less "dissidents" ;), but a lot of computer resources. This might broach conspiracy theory ;). --- > Subject: Re: RE Re: Ubuntu ISO Testing team: New buildnotification-why > encryption support is needed > Message-ID: <op.v5uuiwdrqhadp0@suse11-2> > Content-Type: text/plain; charset=iso-8859-1; format=flowed; delsp=yes > > Note, at least if you are using a CRT, no disc encryption isn't your > biggest issue, since everybody able to use an antenna, is able to see > everything on your screen from the house from the other side of the road. > > "Explicit" anarchistic data has no place on a computer. Encryption is > completely safe. No intelligence service is able to do refactoring of > primes, assumed the encryption avoids pseudo-primes, such as some Fermat > numbers. > > The weak spot is the computer in general, there are several ways to spy, > if a computer is used. > > Anyway, I agree that for states like China, encryption of discs is > important, for western countries we need other methods to be more safe, > assumed the data is explicit-explicit anarchistic. Writing about weed to > e.g. some southern states in the USA, you only need 1024 encryption for > your mails. > > Note, anonymous surfing and mailing isn't safe, if everybody is able to > get access to e.g. your two telephone cables. > > 2 cents, > > Ralf </BODY> </HTML>