Friendly reminder. Full disk encryption on a server you have no physical access to grants you no security, and the same goes for your laptop if you carry it around in sleep mode. FDE protects your data at rest, since after a cold boot you need to provide the passphrase. If your box is running, the secret is present in memory and can be grabbed by a dedicated attacker.

For the same reason, when approaching border control, TURN OFF your phone, just locking the screen is often not enough.

@mulander and even then, if asked for your password, what do you do?

@MrTumnusInfosec don't travel to countries that want this. That's why I don't plan to visit or attend any events in the USA. Still, with a password you can at least refuse to provide it with plausible deniability that you forgot it. Can't do the same with a fingerprint scan.

@mulander true, but then I can't afford to have a $600 device taken away from me every time I fly. Best option is to remotely sync the content once at your destination: host your NextCloud and pull it down. Anyone made an app for that, a fresh phone reimage tool once in situ?

@MrTumnusInfosec I can't afford that also. Hence I avoid places that are likely to seize my devices on border checks.

I haven't heard of any fresh phone re-image stuff.

@mulander yeah, but listen, this also applies to MY own country! Wtf!!!?!

@MrTumnusInfosec in that case you have two choices.

1. Get politically involved in changing the laws in your country. Educate people, vote, try to pass better laws.
2. Migrate to a different country.

@mulander so 1 is a slow burn but essential, and 2 is just delaying the inevitable, as the laws will follow me there one day, sooner rather than later. This needs an immediate technological fix as well as a political one. Imagine being able to arrive at the airport and plausibly deny that your phone (which has an encrypted, deeply hidden cryptovault on it) is anything but boring and used as an old-school phone, with no / minimal apps installed. Then the moment you get online... magic! Your old phone is back.

@MrTumnusInfosec if I was running the border checks I would have them image all phones that pass through, encrypted or not. If one year from now I learn how to detect hidden crypto volumes, I would get back to you for further investigation. Obscurity is not security; if it's illegal to pass without decrypting your phone, then hiding an encrypted volume is not the solution.

@mulander good encryption is by definition indistinguishable from random noise, so it's doable in theory. And if not, then it has to be done after the event with a live re-image on the device once the destination is reached. Or always done Citrix style, so remote RDP for mobile devices.

@mulander

Does it have a TPM chip? The process is safe.

@SdX are you referring to having to turn off the phone? If what I have been told is correct, modern iPhone/Android devices with biometric locks on by default won't ask for passwords unless cold booted. Biometric data can be forcefully taken to unlock the devices, unlike passwords. The TPM chip doesn't prevent that in any way.

@mulander

Thank you for the response.

Biometric data are stored in the processor, depending on Apple. Can we imagine that secret data being recovered by a malicious person, by processor flaws made for that?

For the TPM chip, it is therefore useless. That's bullshit again.

@SdX the situation we are discussing here is a border agent having you unlock the device. If the device requires only the biometric data to unlock, and the border agent can forcefully take your finger and put it on the device, then the phone is unlocked. The TPM doesn't prevent that. iOS Touch ID requires a passcode after a cold boot, and that makes it harder for a person with physical access & authority over your biometrics to unlock your phone, hence the suggestion to power it down.

@mulander

Yeah, but it's sad. It comes back to saying that there's no security available. No integrity can be 100%, and once data is exchanged over networks, data corruption is present or not verifiable.
The worst thing is that only network attacks are concerned.

There is also the unreliable material. ECC memory is only used in very rare cases. So is the corruption of the BIOS.

When you think about it, might as well stop it and start farming.

@mulander (I'm follower #666, by the way) I always encrypt home and the whole thing when I do a Nuke & Pave. Any other advice? I run either Ubuntu or Debian. BSD is a bridge too far for me now.

@radiant3462 guess just the usual stuff:

1. keep your system up to date
2. make sure you access sites with TLS (https://)
3. use Signal, Matrix or a messenger with an OTR plugin if you need a secure private chat
4. use gpg to encrypt emails
5. NEVER paste anything with sudo | bash into your terminal

@mulander Perhaps FDE on cloud servers could be useful in case the company's servers are hacked?

Guess it depends on where they're storing the keys though, yeah. Any sophisticated enough hack would also make sure to get the keys. I kinda always laugh when I see this option on AWS.

@mulander @tinker FDE is also interesting in case of seizure. Cops are generally not smart enough (and don't have enough time) to catch the key from memory.
I hate myself for not using FDE on my previous dedicated server when it was seized by the French police…

@mulander "no security" is a bit of a stretch. It will give you lots of security against any not-as-determined hacker. For most people "my notebook got stolen, and I don't want the thief to grab my address book" is a more reasonable threat model than "a nation state is trying to penetrate my devices". A regular thief or a nosey family member will fail against FDE, even if the device is just in standby.