Re: [Libreboot] Libreplanet keynote questions
From: Daniel Tarrero
Subject: Re: [Libreboot] Libreplanet keynote questions
Date: Thu, 17 Mar 2016 10:40:21 +0100
User-agent: Mutt/1.5.23 (2014-03-12)

On Tue, Mar 15, 2016 at 08:59:43PM +0100, Denis 'GNUtoo' Carikli wrote:
> Hi,
>
> Edward Snowden will be giving the keynote of this year's Libreplanet.
> I saw a video of him speaking at an IETF event, remotely. People had
> many questions, many technical.
>
> So I was thinking that we, the libreboot community, could prepare a
> list of questions before the event.
>
> We would for instance explain what is libreboot and ask questions
> related to it.
>
> For instance I'm personally very interested in activists' threat model,
> that includes resisting targeted physical attacks.
>
> Currently, the most used setup (to my knowledge) to resist such attacks
> consists in:
> - An FSF certified computer with libreboot.
> - GRUB in the BIOS flash, that can open encrypted rootfs.
> - The full rootfs (including /boot) encrypted with LUKS.
> - GRUB password and nail polish/glue seals to prevent reflashing by an
>   attacker. The idea is to create random patterns that would be hard
>   to reproduce or restore if the seals are broken. Pictures of it are
>   taken, and the user verifies that the pattern matches before
>   entering the passphrase.
> - The laptop would be configured to prevent external connectors from
>   providing DMA channels to the system's RAM, before the user enters
>   the passphrase.
> - The embedded controller firmware is non-free, we should probably fix
>   that.
>
> Another approach would be a chromebook-like security model combined
> with Tails instead of chromeOS. Unfortunately that's not implemented
> yet.
>
> I wondered how safe the former kind of setup was, for instance:
> -> Is the default aes-xts-plain64 cipher (with a 256 or 512 bit key
>    size) resistant to malicious HDD firmware? Here the firmware would
>    deliberately and actively try to attack the cryptography. I'm also
>    supposing that the SATA interface won't give it access to the
>    system's RAM, because its DMA is between the HDD and the SATA
>    controller. I hope that there are no bugs that permit access to
>    the system's RAM.
>    Would authenticated cryptography affect it in any way?
> -> How to learn to not be able to give the HDD passphrase if we want to.
>    Do the hands have to learn the passphrase but not the brain?
>
> And more generally:
> -> To what extent is the intelligence community targeting individual
>    free software developers involved in the development of privacy
>    enhancing software?
>    Is it always possible for such an individual developer to know this is
>    happening?
>    To what extent does that affect the ability of such a person to
>    continue working on privacy enhancing software (where the individuals
>    are aware of it, and when they are not)?
> -> What are the differences between handling the security of individual
>    people and an organization?
>    For instance an organization would tend to man in the middle TLS to
>    look for data exfiltration.
>    An individual would, on the contrary, use the tor-browser.
>    What (between organizations and individuals) would be more efficient
>    for activism? Here I'm assuming that surveillance makes activism
>    less efficient.
>
> The questions don't target any specific country or political system, so
> the answer might differ accordingly.
>
> Maybe someone has ideas to improve the list, and/or to add questions to
> it.
>
> PS: Note that I can't come to libreplanet this year.
>
> Denis.

i won't be able to be there, i hope someone finds some of this interesting too
and can ask & transcribe the answers! 8)

some questions about all this "privacy, data security and firmware" stuff:

- i like libreboot & see the uefi boot system coming, self signed boot roms
  and CA's: will this be as strong as it seems?
- IoT, PxE, AMT, iME, SoC's, mobile phones, wearables, drones, firms & chips
  everywhere!: are the firmwares the "only-one" "flag" to capture? what can we do
  with undocumented chip/ports features, from an atheist perspective ;)? are
  there trusted hardware manufacturers?
  i miss a trusted link in the platform :,( FSF-libreboot-<hardware>-user
- Tempest attacks, aka 'chip exfiltrations to reverse cryptographic keys': how
  close is this to being "in the wild"? are there some key measures that someone
  can take to avoid this?
- the net, open source, activism, information leaks, the growing and needed
  share knowledge global culture 8,): apart from keeping on going with libreboot,
  what can we do better? what else? join others?

love to snowden, smart, honor, and big courage, all a human can bring with him
and be proud of

D