1996-08-28 - Re: File System Encryption

Header Data

From: “Douglas R. Floyd” <dfloyd@io.com>
To: adamsc@io-online.com
Message Hash: edd21adaaf2b7b9a41b433e4abc7f9bb3564c148c84e09a8a28d0105cfbaa271
Message ID: <199608281823.NAA14144@bermuda.io.com>
Reply To: <19960828165105171.AAA175@IO-ONLINE.COM>
UTC Datetime: 1996-08-28 22:33:51 UTC
Raw Date: Thu, 29 Aug 1996 06:33:51 +0800

Raw message

From: "Douglas R. Floyd" <dfloyd@io.com>
Date: Thu, 29 Aug 1996 06:33:51 +0800
To: adamsc@io-online.com
Subject: Re: File System Encryption
In-Reply-To: <19960828165105171.AAA175@IO-ONLINE.COM>
Message-ID: <199608281823.NAA14144@bermuda.io.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> On Tue, 27 Aug 1996 09:01:03 -0500 (CDT), Douglas R. Floyd wrote:

> 
> Better yet, patch some stuff onto a spare power supply cable so that a small
> siren would go off on a reboot and then use those security bolts to hold the
> case on.  That would probably discourage someone from rebooting off a floppy.

I just unplugged the floppy drive power cable, and disabled it in the
BIOS.  Even if they reboot the box, the drive will be inaccessable... all
they will have is a file called bigrandseed which holds the data in it.

As for case protection, the best thing to do is have a tamper switch which
shuts the box off if opened.

> 
> >someone has the permissions to access the files through the network, the
> >files are inaccessable ;-).
> 
> Neat idea, and a great use for all the linux security patches we've heard
> about.

One thing I think I can use this for is making a "lock box" for holding a
PGP key for signing/decrypting stuff.  Attach a keyboard, and on boot,
have the PGP key decrypted into a RAM drive.  Then, have a key switch on
the case and a wrapper on PGP to detect this.  E-mail what you want
signed, turn the key, and it emails the signed/decoded file back.  Someone
opens the machine, tamper switch turns the box off.  Box off?  Key is now
left in encrypted state, most likely hidden in one of the many sound
files...

Sounds like a nice saturday afternoon project.

OBSecurityAlert:

Have people updated their Sendmail yet?  Another security alert went out
on it yesterday...






Thread