| e2580 | anyone interested in seeing an open source hardware encrypted storage device ? | 02:22 |
|---|---|---|
| Last message repeated 1 time(s). | 21:07 | |
| lindi- | e2580: how about just pasting a link? | 21:07 |
| e2580 | http://www.indiegogo.com/CryptX2 | 21:07 |
| e2580 | let me know if you got questions on it | 21:08 |
| lindi- | e2580: I think we already talked about this. | 21:12 |
| lindi- | e2580: maybe ping me when the source code is available | 21:13 |
| e2580 | maybe. been here a few times :) | 21:13 |
| GNUtoo-desktop | why not simply using cryptsetup + LUKS + GNU/Linux + Coreboot ? | 21:17 |
| GNUtoo-desktop | assuming coreboot works well, the setup works pretty well | 21:17 |
| wpwrak | e2580: i wonder if you realize that the audience here is pretty static. endlessly repeating the same message will only get people annoyed. | 21:19 |
| e2580 | luks/truecrypt etc require you to enter the password into the computer and the aeskey is in ram | 21:21 |
| e2580 | the crpytx2 is completely independent from the computer | 21:21 |
| GNUtoo-desktop | well you can use luks with a key too | 21:36 |
| GNUtoo-desktop | like --key-file | 21:36 |
| GNUtoo-desktop | or something like that | 21:36 |
| GNUtoo-desktop | *cryptsetup | 21:36 |
| e2580 | and that is still in ram on the computer, same as if you typed in a password | 21:40 |
| e2580 | you can easily dump the computers ram and pull the aes key from it | 21:41 |
| e2580 | as well as other methods | 21:41 |
| rz2k | e2580: do you realize that this channel is about open hardware and people here kind of know that 'It is in ram' is marketing crap until a good proof of concept attack available | 21:44 |
| rz2k | ? | 21:44 |
| larsc | actually there are some good proof of concept attacks available | 21:47 |
| rz2k | like aes steal thru micro fluctuations of power consumption? | 21:47 |
| rz2k | that can be applied to the hardware key itself, so it is pointless :p | 21:48 |
| rz2k | s/pointless/pointless to have the key/ | 21:49 |
| e2580 | this is not a hardware key, it is a complete self contained hardware encryption device. | 21:53 |
| e2580 | all encryption is done on the device | 21:53 |
| e2580 | the mcu also has ecm to prevent dpa attacks | 21:53 |
| GNUtoo-desktop | e2580, then what happens if the device get stolen? | 22:14 |
| GNUtoo-desktop | since it has no password protection..... | 22:15 |
| e2580 | have you seen the device or video ? | 22:15 |
| GNUtoo-desktop | beside MCU are not powerfull => easy cracking | 22:15 |
| GNUtoo-desktop | altough it depend on how stuff is implemented | 22:16 |
| e2580 | ^ | 22:16 |
| GNUtoo-desktop | how did you get the FIPS certification? | 22:21 |
| rz2k | e2580: you should do paper/pdf presentation of whats happening. I have no flash installed, so no video for me. also journalists copy-paste press releases more than videos. | 22:22 |
| GNUtoo-desktop | is there source code available? | 22:22 |
| e2580 | not fips certified, fips compliant | 22:22 |
| GNUtoo-desktop | ok | 22:22 |
| rz2k | your only way to go big is get into news feeds, spamming opensource places with yourself will only hurt. | 22:23 |
| e2580 | since the project is open source, its nto practical to do fipts cert | 22:23 |
| e2580 | each revision would require recertification | 22:23 |
| GNUtoo-desktop | so there is source code? | 22:23 |
| e2580 | source code will be available soon. we are finishng the hidden data feature and cleaning up the code | 22:24 |
| GNUtoo-desktop | ok | 22:24 |
| e2580 | firmware is gpl3 | 22:24 |
| e2580 | hardware we are still looking for license | 22:24 |
| GNUtoo-desktop | ok | 22:24 |
| e2580 | it will all be fully open source | 22:24 |
| --- Sat Nov 17 2012 | 00:00 | |
Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!