gpgAnon, draft 20150
Stefan Claas
sac at 300baud.de
Fri May 29 21:09:10 CEST 2020
LisToFacTor via Gnupg-users wrote:
> On 5/29/20 4:51 PM, Stefan Claas - sac at 300baud.de wrote:
> > how does Alice protects her Live-CD and USB stick, when she leaves
> > home and Mallory gains access to them, so that for example the
> > Live-CD can be exchanged?
> Live-CD is a "public resource", available from multiple locations on
> the 'net and off, simply discarded when not practical to protect.
> Anybody can download, burn and give her a copy. On first use, checked
> with:
>
> sudo cat /dev/cdrom | shasum -
>
> While noting on the CD is a secret, it is quite unlikely an adversary
> can modify it without being detected.
>
> > Does Alice use the USB-stick also with other mediums and if so how
> > does she detect bad USB?
> USB hygiene is always a problem. Small devices and frequent hardware
> cycling on the trusted device with two USB ports is helpful:
> dd if=/dev/sdb of=/dev/sdc bs=10M
> (with subsequent cat ... | shasum - thrown in for good measure)
Maybe you could add these two tips to the document, because Alice might
not know.
BTW. A while ago my Linux online Notebook was hacked and now I use
also a (Windows) offline Notebook for encryption and I have also
purchased a Kanguru Defender 3000 USB stick, wich allows to use
a virtual keyboard (under Windows) to type in the passphrase for
the encrypted USB stick and it has also a write-protect switch,
when using on an online computer. And it is bad USB safe.
Maybe interesting for someone?!
<https://www.kanguru.com/secure-storage/defender-3000-usb-3-secure-hardware-encrypted-flash-drive.shtml>
Regards
Stefan
--
my 'hidden' service gopherhole:
gopher://iria2xobffovwr6h.onion
More information about the Gnupg-users
mailing list