hello friends! new(ish)!

Talk:Encryption

From InstallGentoo Wiki v2
Jump to navigation Jump to search

New Warning

So we have a new warning. How useful is it?

"Remember Just because it is widely considered safe doesn't mean exploits can not be found."
Technically true, but technically true of all software ever written. Therefore vague. Therefore not very useful. Can we write something more practical?
Table with current state of encryption breakage? Dates a must.
References to court cases where the encryptioin has clearly been tested by State actors?
"Also remember that encryption mechanisms aren't a cure-all to your problems. Only when used correctly can encryption work to your advantage."
This is very vague. What are "encryption mechanisms"? What are our "problems"? What specific technology in what situation is encryption "used correctly" and what "advantage" are we seeking?
Let's make this warning useful. Let's split it up into specific (i.e. exact commands/situations) for each section in the article. And if there isn't an appopriate section, create one.

Mrsnooze (talk) 03:22, 20 February 2016 (EST)

Page Needs Rework

Much of this article refers to Full Disk Encryption
It doesn't explicitly state so. An appropriate header of FDE should probably be added, with a warning that FDE is only useful when your computer is switched off/drive unmounted etc. A section on cold boot attacks wouldn't go astray.
Page should be split into sections.
FDE
phone encryption?
single file encryption
web encryption
communication encryption?
encryption standards
others?

Mrsnooze (talk) 03:22, 20 February 2016 (EST)

If you want to make the change, just do it. I am not an expert on this topic.  Morpheus talk 11:18, 20 February 2016 (EST)

FBI vs Apple

So this story is still developing, but the FBI vs Apple iPhone encryption is a big deal. It's going to set a precident, which if goes in the FBI's favour, will open the floodgates to backdoored devices. We need a section on this at some point. The FBI is asking Apple to provide a signed, custom firmware patch to:

  1. Allow more than 10 password guesses per hour.
  2. Not allow the phone to wipe itself after 10 bad guesses.
  3. Allow guesses to be made via usb/whatever interface, rather than the touchscreen.

This is so that the can run an effective bruteforce against the phone's pincode. The phone in question is the San Bernidino shooter's phone. Brute forcing with iPhones needs the pincode, iPhone TPM and iPhone cpuid (or similar - check this, risky business podcast 399 linked below explains it).

References: Slashdot:

Soylent News:

Risky Business infosec podcast:

Ars Technica:

Mrsnooze (talk) 03:52, 20 February 2016 (EST)


All closed-source software is backdoored!

I removed some of the FUD regarding Microsoft and Mac OSX. The reported Bitlocker attack requires EM detection of TPM chips; it cannot be generalized to Bitlocker as a software system. To be honest, if the CIA needs to attack the TPM chip, this should be proof that there is actually no backdoor in Bitlocker... — Preceding unsigned comment added by Rfaelens (talkcontribs)


Misc

We should probably move all the disk encryption to its own page and use this as a overall page of encryption in general. -- God (talk) 02:20, 17 March 2015 (EDT)