On 26 Mrz., 16:10, Michael Lange wrote:
> On Thu, 26 Mar 2009 10:41:26 +0200
>
Ok, there seems to be a bug in debian's initramfs-tools that resembles
a lot the one described at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507721
.
In the last few days I learned how to unpack, edit and re-pa
On Thu, 26 Mar 2009 10:41:26 +0200
Γιώργος Πάλλας wrote:
> klappnase wrote:
> > Hello,
> > after I upgraded to lenny I am not able to boot the new kernel
> > (2.6.26-1-686), however it still works using the old etch kernel
> > (2.6.22-2-k7 from backports.org). About my system: There is an
> > enc
klappnase wrote:
Hello,
after I upgraded to lenny I am not able to boot the new kernel
(2.6.26-1-686), however it still works using the old etch kernel
(2.6.22-2-k7 from backports.org). About my system: There is an
encrypted root partition on /dev/hda1 and a separate /boot partition
on /dev/hda4.
Hello,
after I upgraded to lenny I am not able to boot the new kernel
(2.6.26-1-686), however it still works using the old etch kernel
(2.6.22-2-k7 from backports.org). About my system: There is an
encrypted root partition on /dev/hda1 and a separate /boot partition
on /dev/hda4. When booting the n
hello,
the discussion is really interesting and informative.
there's just something I don't understand.
Jeff Soules wrote:
> good.) In any case, with EncFS we're talking about a technological
> solution in which the encryption key is stored alongside the encrypted
> media, so whatever the pass
Andrew McGlashan wrote:
> And what if you encrypted the result multiple times with a number of
> different keys?
>
Security does not improve so much, actually.
http://en.wikipedia.org/wiki/Meet-in-the-middle_attack
--
Unless you love someone, nothing else makes any sense.
--
Chris Jones:
> On Fri, Feb 27, 2009 at 08:34:25AM EST, Jochen Schulz wrote:
>
>> This is a valid question! Depending on the encryption system in use,
>> it cannot be answered satisfactorily.
>
> I'm not sure it's related to the encryption/decryption process.
>
> What I had in mind when I wrote
Hi,
Chris Jones wrote:
While your brute force decryption is running, how do you determine you
have found the "one key" and decide it's time to stop?
Among trillions of trillions, when do you know you've hit the jackpot?
And what if you encrypted the result multiple times with a number of
dif
On Fri, Feb 27, 2009 at 08:34:25AM EST, Jochen Schulz wrote:
> Chris Jones:
> > I have a naive question.
> >
> > While your brute force decryption is running, how do you determine
> > you have found the "one key" and decide it's time to stop?
> This is a valid question! Depending on the encrypt
Chris Jones:
>
> I have a naive question.
>
> While your brute force decryption is running, how do you determine you
> have found the "one key" and decide it's time to stop?
This is a valid question! Depending on the encryption system in use,
it cannot be answered satisfactorily. If a one-time
>
>
>
> Original Message
>From: cjns1...@gmail.com
>To: debian-user@lists.debian.org
>Subject: Re: How to protect an encrypted file system for off-line
>attack?
>Date: Thu, 26 Feb 2009 18:34:40 -0500
>
>>On Tue, Feb 24, 2009 at 12:56:00AM EST, Ron Johns
On 02/26/2009 08:42 PM, Ron Johnson wrote:
On 02/26/2009 08:32 PM, Chris Jones wrote:
[snip]
Depending on what was encrypted, and given the time, I'm sure I'd be
able to determine, one tentative key at a time, whether the output is
gobbledygook or not.. But even if the original data was in t
On 02/26/2009 08:32 PM, Chris Jones wrote:
On 02/26/2009 06:51 PM, Chris Jones wrote:
On Thu, Feb 26, 2009 at 07:11:43PM EST, Ron Johnson wrote:
On 02/26/2009 05:34 PM, Chris Jones wrote:
Among trillions of trillions, when do you know you've hit the
jackpot?
When you can decrypt the docum
> On 02/26/2009 06:51 PM, Chris Jones wrote:
> >On Thu, Feb 26, 2009 at 07:11:43PM EST, Ron Johnson wrote:
> >>On 02/26/2009 05:34 PM, Chris Jones wrote:
> >>>Among trillions of trillions, when do you know you've hit the
> >>>jackpot?
> >>When you can decrypt the document with it?
> >You don't h
On 02/26/2009 06:51 PM, Chris Jones wrote:
On Thu, Feb 26, 2009 at 07:11:43PM EST, Ron Johnson wrote:
On 02/26/2009 05:34 PM, Chris Jones wrote:
I have a naive question.
While your brute force decryption is running, how do you determine
you have found the "one key" and decide it's time to s
On Thu, Feb 26, 2009 at 07:11:43PM EST, Ron Johnson wrote:
> On 02/26/2009 05:34 PM, Chris Jones wrote:
> >I have a naive question.
> >
> >While your brute force decryption is running, how do you determine
> >you have found the "one key" and decide it's time to stop?
> >
> >Among trillions of tri
On 02/26/2009 05:34 PM, Chris Jones wrote:
[snip]
Sorry to revive and already dead thread ..
I have a naive question.
While your brute force decryption is running, how do you determine you
have found the "one key" and decide it's time to stop?
Among trillions of trillions, when do you know
On Tue, Feb 24, 2009 at 12:56:00AM EST, Ron Johnson wrote:
> On 02/23/2009 08:43 PM, Javier wrote:
> [snip]
> >
> >
> >As I also have read in the Wikipedia, it is reseonable to crack a 56bits
> >DES, a 64bits AES if you have online access to the machine, and probably
> >in the future it might be po
On Mon, Feb 23, 2009 at 07:53:54PM EST, Ron Johnson wrote:
> On 02/23/2009 06:12 PM, Chris Jones wrote:
> >On Mon, Feb 23, 2009 at 02:34:26PM EST, Ron Johnson wrote:
> >>Given enough time, and resources, *nothing* is untouchable. It's
> >>just a matter of whether They think that the time-effort is
On 02/24/2009 03:35 PM, ow...@netptc.net wrote:
[snip]
Ron et al
Actually this was the case with the DES; the NSA put out a RFP and
worked with the potential vendors quite closely during the
development. IBM (Tuchman and Myers) eventually won the bid. I
attended a week-long security seminar ser
>
>
>
> Original Message
>From: ron.l.john...@cox.net
>To: debian-user@lists.debian.org
>Subject: Re: How to protect an encrypted file system for off-line
>attack?
>Date: Tue, 24 Feb 2009 12:47:15 -0600
>
>>On 02/24/2009 09:50 AM, ow...@netptc.net w
On 02/24/2009 12:59 PM, John Hasler wrote:
Ron Johnson writes:
[An NSA backdoor in DES & successors] would only be possible if The
Government controlled the source code, or had an "understanding" with
those who write closed-source code.
The claim is stronger than that. It is that there are ba
Ron Johnson writes:
> [An NSA backdoor in DES & successors] would only be possible if The
> Government controlled the source code, or had an "understanding" with
> those who write closed-source code.
The claim is stronger than that. It is that there are backdoors in the
algorithms: weaknesses tha
On 02/24/2009 09:50 AM, ow...@netptc.net wrote:
[snip]
And in fact there always has been suspicion in the crypto community
that, in at least some of the ciphers (going back to the original
DES) that the NSA had built in a "trapdoor" such that they could
easily decrypt the message but anyone else,
>> there's no known practical attack on it. It performs well. So it is
>
> ^
>
> That's the word, of course... Any government that discovers a successful
> attack is going to keep quiet.
Except in a certain side-channel sense -- any government that
discovers a successful attac
>
>
>
> Original Message
>From: ron.l.john...@cox.net
>To: debian-user@lists.debian.org
>Subject: Re: How to protect an encrypted file system for off-line
>attack?
>Date: Tue, 24 Feb 2009 04:27:31 -0600
>
>>On 02/24/2009 02:36 AM, Tzafrir Cohen wrot
>
>
>
> Original Message
>From: javu...@gmail.com
>To: debian-user@lists.debian.org
>Subject: Re: How to protect an encrypted file system for off-line
>attack?
>Date: Tue, 24 Feb 2009 03:31:51 +0100
>
>>ow...@netptc.net escribió:
>>>>
>
On 02/24/2009 02:36 AM, Tzafrir Cohen wrote:
[snip]
Anyway, the AES cipher is one that is very well studied. It has been
implemented all over. Just about anybody have tried to attack it and
yet there's no known practical attack on it. It performs well. So it is
^
That's
On Mon, Feb 23, 2009 at 03:43:06PM -0500, Celejar wrote:
> On Sun, 22 Feb 2009 20:10:57 -0600
> Ron Johnson wrote:
>
> > On 02/22/2009 07:03 PM, Javier wrote:
>
> ...
>
> > > And which is better, Blowfish or AES?
> >
> > AES.
>
> Source? Wikipedia just says:
>
> "Blowfish provides a good en
On 02/23/2009 08:43 PM, Javier wrote:
[snip]
As I also have read in the Wikipedia, it is reseonable to crack a 56bits
DES, a 64bits AES if you have online access to the machine, and probably
in the future it might be possible to crack a 128bits, even offline.
But, a 256 one? It seems incredible
Ron Johnson escribió:
> On 02/23/2009 06:12 PM, Chris Jones wrote:
>> On Mon, Feb 23, 2009 at 02:34:26PM EST, Ron Johnson wrote:
>>
>>> Given enough time, and resources, *nothing* is untouchable. It's just
>>> a matter of whether They think that the time-effort is worth being
>>> spent on *you*.
>>
ow...@netptc.net escribió:
>>
>>
>> Original Message
>> From: javu...@gmail.com
>> To: debian-user@lists.debian.org
>> Subject: Re: How to protect an encrypted file system for off-line
>> attack?
>> Date: Mon, 23 Feb 2009 23:53:27 +0100
&g
On 02/23/2009 07:12 PM, Celejar wrote:
[snip]
But it's "not a concern for full 16-round Blowfish", so is that really
a problem?
"There is no effective cryptanalysis on the full-round version of
Where there's smoke, there might be fire.
[snip]
So as I said, anything wrong with Twofish?
D
On Mon, 23 Feb 2009 18:59:56 -0600
Ron Johnson wrote:
> On 02/23/2009 02:43 PM, Celejar wrote:
> > On Sun, 22 Feb 2009 20:10:57 -0600
> > Ron Johnson wrote:
> >
> >> On 02/22/2009 07:03 PM, Javier wrote:
> >
> > ...
> >
> >>> And which is better, Blowfish or AES?
> >> AES.
> >
> > Source? W
On Tue, 24 Feb 2009 00:10:54 +0100
Javier wrote:
...
> I've discovered that the program apg is very nice, it can produce
> lengthy but pronounceable pass phrases like these (40 readable chars,
> probably equivalent to a 256bit random one):
Or pwgen.
Celejar
--
mailmin.sourceforge.net - remote
On 02/23/2009 02:43 PM, Celejar wrote:
On Sun, 22 Feb 2009 20:10:57 -0600
Ron Johnson wrote:
On 02/22/2009 07:03 PM, Javier wrote:
...
And which is better, Blowfish or AES?
AES.
Source? Wikipedia just says:
"Blowfish provides a good encryption rate in software and no effective
cryptan
On 02/23/2009 06:12 PM, Chris Jones wrote:
On Mon, Feb 23, 2009 at 02:34:26PM EST, Ron Johnson wrote:
Given enough time, and resources, *nothing* is untouchable. It's just
a matter of whether They think that the time-effort is worth being
spent on *you*.
Like, twenty times the estimated life
>
>
>
> Original Message
>From: javu...@gmail.com
>To: debian-user@lists.debian.org
>Subject: Re: How to protect an encrypted file system for off-line
>attack?
>Date: Mon, 23 Feb 2009 23:53:27 +0100
>
>>Ron Johnson escribió:
>>> On 02/23/
On Mon, Feb 23, 2009 at 02:34:26PM EST, Ron Johnson wrote:
> Given enough time, and resources, *nothing* is untouchable. It's just
> a matter of whether They think that the time-effort is worth being
> spent on *you*.
Like, twenty times the estimated life of the universe.. a thousand times
its ma
Jordi Gutiérrez Hermoso escribió:
> 2009/2/23 Javier :
>> The main point here is: if he is lucky enough, no police would enter
>> into his house.
>
> Since this has become a tinfoil hat thread more than an encryption thread...
>
> My own personal solution to the problem has been this: my hard dri
Ron Johnson escribió:
> On 02/23/2009 09:26 AM, Javier wrote:
>> Ron Johnson escribió:
>>> On 02/23/2009 01:28 AM, Jordi Gutiérrez Hermoso wrote:
2009/2/21 Javier :
> I'm actually using encfs to protect my sensitive data,
Eh...
http://xkcd.com/538/
>>> That's known as
On Mon, 23 Feb 2009 00:06:02 -0500
Jeff Soules wrote:
> Hi Javier,
>
> Thank you for your reply. Given the hypothetical (but all too
> possible) situation you describe, there are different considerations.
>
> > Now imagine the worst situation, that a friend wants to protect his data
> > from h
On Sun, 22 Feb 2009 20:10:57 -0600
Ron Johnson wrote:
> On 02/22/2009 07:03 PM, Javier wrote:
...
> > And which is better, Blowfish or AES?
>
> AES.
Source? Wikipedia just says:
"Blowfish provides a good encryption rate in software and no effective
cryptanalysis of it has been found to date
On 02/23/2009 09:26 AM, Javier wrote:
Ron Johnson escribió:
On 02/23/2009 01:28 AM, Jordi Gutiérrez Hermoso wrote:
2009/2/21 Javier :
I'm actually using encfs to protect my sensitive data,
Eh...
http://xkcd.com/538/
That's known as Rubber Hose Decryption.
Oh yes, but if he had the
2009/2/23 Javier :
> The main point here is: if he is lucky enough, no police would enter
> into his house.
Since this has become a tinfoil hat thread more than an encryption thread...
My own personal solution to the problem has been this: my hard drive
decryption password is 25 random printable
Jeff Soules wrote:
...
>
>> The most intrusive attacks, where an attacker has complete control of
>> the user's machine (and can therefor modify EncFS, or FUSE, or the
>> kernel itself) are not guarded against. Do not assume that encrypted
>> files will protect your sensitive data if you enter you
Jeff Soules escribió:
> Hi Javier,
>
> Thank you for your reply. Given the hypothetical (but all too
> possible) situation you describe, there are different considerations.
>
>> Now imagine the worst situation, that a friend wants to protect his data
>> from his corrupt dictatorial government
>
Ron Johnson escribió:
> On 02/23/2009 01:28 AM, Jordi Gutiérrez Hermoso wrote:
>> 2009/2/21 Javier :
>>> I'm actually using encfs to protect my sensitive data,
>>
>> Eh...
>>
>> http://xkcd.com/538/
>
> That's known as Rubber Hose Decryption.
>
Oh yes, but if he had the chance to scape, a
On 02/23/2009 01:28 AM, Jordi Gutiérrez Hermoso wrote:
2009/2/21 Javier :
I'm actually using encfs to protect my sensitive data,
Eh...
http://xkcd.com/538/
That's known as Rubber Hose Decryption.
--
Ron Johnson, Jr.
Jefferson LA USA
The feeling of disgust at seeing a human female i
2009/2/21 Javier :
> I'm actually using encfs to protect my sensitive data,
Eh...
http://xkcd.com/538/
- Jordi G. H.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hi Javier,
Thank you for your reply. Given the hypothetical (but all too
possible) situation you describe, there are different considerations.
> Now imagine the worst situation, that a friend wants to protect his data
> from his corrupt dictatorial government
Absolutely a possibility. There ar
On 02/22/2009 07:03 PM, Javier wrote:
[snip]
Now imagine the worst situation, that a friend wants to protect his data
from his corrupt dictatorial government, and he doesn't want to directly
make the question here, because he is afraid.
From your name, we can reasonably narrow it down. I.e., h
Jeff Soules escribió:
> As Ron said, the problem you're describing is a little bit different
> from the one the man page talks about.
>
>> The most intrusive attacks, where an attacker has complete control of
>> the user's machine (and can therefor modify EncFS, or FUSE, or the
>> kernel itself) a
As Ron said, the problem you're describing is a little bit different
from the one the man page talks about.
> The most intrusive attacks, where an attacker has complete control of
> the user's machine (and can therefor modify EncFS, or FUSE, or the
> kernel itself) are not guarded against. Do not
On 02/21/2009 10:16 AM, Javier wrote:
Sorry for my ignorance in this respect, I hope you can help me.
I'm actually using encfs to protect my sensitive data, but this is what
is said in the manual:
"""The most intrusive attacks, where an attacker has complete control of
the user’s machine (and c
Sorry for my ignorance in this respect, I hope you can help me.
I'm actually using encfs to protect my sensitive data, but this is what
is said in the manual:
"""The most intrusive attacks, where an attacker has complete control of
the user’s machine (and can therefor modify EncFS, or FUSE, or th
On Mon, 15 Mar 2004, Toby Batch wrote:
> That works fine but I need 'live access' to the file system.
poke around at the various encrypted fs options
http://www.Linux-Sec.net/FileSystem/#Encrypted
c ya
alvin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscr
Paul Johnson wrote:
On Sun, Mar 14, 2004 at 12:32:01PM +, Toby Batch wrote:
I'm looking for a method to create a encrypted sub-directory structure
on an existing partition. I have an existing user base with home
directories in /home but I want some (only some) of these users to have
encryp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Mar 14, 2004 at 12:32:01PM +, Toby Batch wrote:
> I'm looking for a method to create a encrypted sub-directory structure
> on an existing partition. I have an existing user base with home
> directories in /home but I want some (only some
Osamu Aoki wrote:
Hi,
Short answer seems to be:
# apt-get install nfs-kernel-server
On Sun, Mar 14, 2004 at 03:00:45PM +, Toby Batch wrote:
Julius Plenz wrote:
* Toby Batch <[EMAIL PROTECTED]> [2004-03-14 13:42]:
Maybe cfs (cryptographic file system) is what you want.
I tried this but I
Hi,
Short answer seems to be:
# apt-get install nfs-kernel-server
On Sun, Mar 14, 2004 at 03:00:45PM +, Toby Batch wrote:
> Julius Plenz wrote:
> >* Toby Batch <[EMAIL PROTECTED]> [2004-03-14 13:42]:
> >Maybe cfs (cryptographic file system) is what you want.
> I tried this but I got this w
Julius Plenz wrote:
* Toby Batch <[EMAIL PROTECTED]> [2004-03-14 13:42]:
I'm looking for a method to create a encrypted sub-directory
structure on an existing partition. I have an existing user base
with home directories in /home but I want some (only some) of these
users to have encrypted home s
I'm looking for a method to create a encrypted sub-directory structure
on an existing partition. I have an existing user base with home
directories in /home but I want some (only some) of these users to have
encrypted home spaces. This machine is remote to me but I have root
access, so rebuil
Hi
This problem has happened to me on both RedHat and Mandrake (sorry... :)
) so I guess it's not distribution specific but a common one. I'm going
to set it now in woody and I want to know if I can solve this (or is it
a "feature").
When making an encrypted file system (
[Courtesy copy of Usenet posting]
Richard <[EMAIL PROTECTED]> wrote:
>Has anyone herd or seen a thing called " Encrypted File system" on any
>Debian or Linux distribution??? I am told it's lurking around, but this
>source is not all that reliable.
>
>I
65 matches
Mail list logo
