[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: File System Encryption
>
> On Tue, 27 Aug 1996 09:01:03 -0500 (CDT), Douglas R. Floyd wrote:
>
> Better yet, patch some stuff onto a spare power supply cable so that a small
> siren would go off on a reboot and then use those security bolts to hold the
> case on. That would probably discourage someone from rebooting off a floppy.
I just unplugged the floppy drive power cable, and disabled it in the
BIOS. Even if they reboot the box, the drive will be inaccessable... all
they will have is a file called bigrandseed which holds the data in it.
As for case protection, the best thing to do is have a tamper switch which
shuts the box off if opened.
>
> >someone has the permissions to access the files through the network, the
> >files are inaccessable ;-).
>
> Neat idea, and a great use for all the linux security patches we've heard
> about.
One thing I think I can use this for is making a "lock box" for holding a
PGP key for signing/decrypting stuff. Attach a keyboard, and on boot,
have the PGP key decrypted into a RAM drive. Then, have a key switch on
the case and a wrapper on PGP to detect this. E-mail what you want
signed, turn the key, and it emails the signed/decoded file back. Someone
opens the machine, tamper switch turns the box off. Box off? Key is now
left in encrypted state, most likely hidden in one of the many sound
files...
Sounds like a nice saturday afternoon project.
OBSecurityAlert:
Have people updated their Sendmail yet? Another security alert went out
on it yesterday...