#qi-hardware IRC log for Friday, 2012-11-16

e2580anyone interested in seeing an open source hardware encrypted storage device ?02:22
Last message repeated 1 time(s).21:07
lindi-e2580: how about just pasting a link?21:07
e2580http://www.indiegogo.com/CryptX221:07
e2580let me know if you got questions on it21:08
lindi-e2580: I think we already talked about this.21:12
lindi-e2580: maybe ping me when the source code is available21:13
e2580maybe. been here a few times :)21:13
GNUtoo-desktopwhy not simply using cryptsetup + LUKS + GNU/Linux + Coreboot ?21:17
GNUtoo-desktopassuming coreboot works well, the setup works pretty well21:17
wpwrake2580: i wonder if you realize that the audience here is pretty static. endlessly repeating the same message will only get people annoyed.21:19
e2580luks/truecrypt etc require you to enter the password into the computer and the aeskey is in ram21:21
e2580the crpytx2 is completely independent from the computer21:21
GNUtoo-desktopwell you can use luks with a key too21:36
GNUtoo-desktoplike --key-file21:36
GNUtoo-desktopor something like that21:36
GNUtoo-desktop*cryptsetup21:36
e2580and that is still in ram on the computer, same as if you typed in a password21:40
e2580you can easily dump the computers ram and pull the aes key from it21:41
e2580as well as other methods21:41
rz2ke2580: do you realize that this channel is about open hardware and people here kind of know that 'It is in ram' is marketing crap until a good proof of concept attack available21:44
rz2k?21:44
larscactually there are some good proof of concept attacks available21:47
rz2klike aes steal thru micro fluctuations of power consumption?21:47
rz2kthat can be applied to the hardware key itself, so it is pointless :p21:48
rz2ks/pointless/pointless to have the key/21:49
e2580this is not a hardware key, it is a complete self contained hardware encryption device.21:53
e2580all encryption is done on the device21:53
e2580the mcu also has ecm to prevent dpa attacks21:53
GNUtoo-desktope2580, then what happens if the device get stolen?22:14
GNUtoo-desktopsince it has no password protection.....22:15
e2580have you seen the device or video ?22:15
GNUtoo-desktopbeside MCU are not powerfull => easy cracking22:15
GNUtoo-desktopaltough it depend on how stuff is implemented22:16
e2580^22:16
GNUtoo-desktophow did you get the FIPS certification?22:21
rz2ke2580: you should do paper/pdf presentation of whats happening. I have no flash installed, so no video for me. also journalists copy-paste press releases more than videos.22:22
GNUtoo-desktopis there source code available?22:22
e2580not fips certified, fips compliant22:22
GNUtoo-desktopok22:22
rz2kyour only way to go big is get into news feeds, spamming opensource places with yourself will only hurt.22:23
e2580since the project is open source, its nto practical to do fipts cert22:23
e2580each revision would require recertification22:23
GNUtoo-desktopso there is source code?22:23
e2580source code will be available soon. we are finishng the hidden data feature and cleaning up the code22:24
GNUtoo-desktopok22:24
e2580firmware is gpl322:24
e2580hardware we are still looking for license22:24
GNUtoo-desktopok22:24
e2580it will all be fully open source22:24
--- Sat Nov 17 201200:00

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!