[ILUG] Hard Disk Protection in Live CD Boot Ups

Kuda Dube kd.gnu.linux at gmail.com
Wed Jan 14 13:01:02 GMT 2009


Josh,

I would really like to start implementing a personal security strategy
and infrastructure from scratch and incorporate some or all of the
aspects you specified. Where can I get a template/guide for such a
task? Josh, can you share or put a rough guide on this ... just to help
get started! Looking at personal files, e-mail, etc ... locally and in
the cloud! 
--
Kuda



On Wed, 2009-01-14 at 11:24 +0000, Josh Glover wrote:
> 2009/1/13 Paul O'Malley - gnu's not unix - <ompaul at eircom.net>:
> 
> > disk encryption fails when you forget the password - not if
> 
> Which is why you might want to consider writing the password down somewhere.
> 
> This is not as stupid as it sounds, if done right. I have a file with
> all of my passwords, encrypted with GPG, and stored in quite a few
> places, including as an attachment to a saved draft on Gmail. Should I
> forget the passphrase to my encrypted partitions, I am safe as long as
> I can get to that file and download it.
> 
> The things that have to go wrong in order for me to lose access to my
> encrypted partitions are:
> 
> 1. Forget the passphrase
> 2. And one of:
>  a. Forget my GPG key passphrase (not likely, since I use it multiple
> times a day)
>  b. Lose access to all of the copies of my password file (not likely,
> as it exists on several hard drives, Gmail, and S3)
>  c. No longer trust my GPG key (not likely, since if my key was
> compromised, I'd decrypt my password file, revoke my key, change all
> my passwords, generate a new key, and encrypt the password file with
> the new key)
>  d. Have no access to a trusted computer on which I can use my GPG key
> to decrypt my password file (the most likely case of all, but this one
> is transitory)
>  e. Lose my GPG key (not likely, since it exists, albeit in encrypted
> form, on S3, Gmail, and several hard drives)
> 
> Note that no less a security expert than Bruce Schneier recommends
> writing down your passwords:
> 
> http://www.schneier.com/blog/archives/2005/06/password_safe.html
> 



