PDA

View Full Version : Encrypted filesystems and civil disobedience



clearer
8th October 2007, 08:28 AM
Since the danish government has decided that all emails and phone calls should be logged I have decided that I won't take it and I am going through the steps required to make sure that it won't be possible to figure out what I have on my hard drive, what emails I send and what phone calls I make, by the computer illiterate police in Denmark.

Among these steps, I want to make sure that, in case a new proposed law is passed where the use of techniques which makes it harder for the police to track you is enough for the police to treat you like a terrorist, the police won't be able to read my files without my explicit permission -- enters file system-wide encryption.

I just wanted to know if anyone has any experience in doing this in Fedora or if I'm on my own here.

leigh123linux
8th October 2007, 09:16 AM
They do the same in the UK ( they log text messages and mobile calls ) , I have stopped using my contract mobile and have bought a unregistered pay as you go sim.
I only use web based email because I like my privacy.

Wayne
8th October 2007, 09:25 AM
Brit police can send you inside for not revealing your encryption keys:

http://www.theregister.co.uk/2007/10/03/ripa-decryption_keys_power/

Wayne

clearer
8th October 2007, 09:29 AM
Brit police can send you inside for not revealing your encryption keys:

http://www.theregister.co.uk/2007/10/03/ripa-decryption_keys_power/

Wayne
That's OK, I just don't want people to be able to read my stuff without me knowing it.

SlowJet
8th October 2007, 09:53 AM
http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/

Pick your favor - not quit soup yet.

No mention of LVM or compressed and encrypted or that 256 bit is not so secure for a f/s

Encryption/compression needs to be in the f/s drv of ext4 - just click the boxes in Anaconda.
And a dir or file can be double e and/or c on the fly.
And nothing can read or write that ext4 f/s but the drv and it knows where the keys and phrases are and when to ask for them. Otherwise it is e/c but not secure.
We need 2048 bits with keys generated by multiple random generators with a random selection process. We need a hardware spu that can be loaded with firmware code.
And we need it yesterday, of course.

SJ

A.Serbinski
8th October 2007, 06:44 PM
You might want to have a look at this; http://www.truecrypt.org/

stevea
23rd October 2007, 07:35 AM
Wow - I had no idea the Danes were running off a cliff too. Very sad.

So how good is the encryption ? I have doubts than any on-the-fly would
be good enough to be worthwhile.