#qi-hardware IRC log for Monday, 2013-07-15

--- Mon Jul 15 201300:00
kristianpaulevening? :)17:06
viricis there any linux setting that may avoid access to kernel memory even for the root user? No /dev/mem, no /proc/kcore, ... can it be configured that way?17:07
viric(I wonder if that may disable knowing dmcrypt keys even to someone having root access)17:07
whitequarkviric: I think yes17:10
viric/dev/mem and /proc/kcore may be enough?17:10
whitequarkthere's that secure boot thingy17:10
viricah. any pointer?17:10
whitequarkand it mandates disabling all access to kernel memory for the user. the write one, at least, but I'd guess it will disable read access as well (keys ?)17:11
whitequarkI think it works by making root non-root with selinux17:11
whitequarkand, generally, selinux can do that17:11
viricuh, that's too hard-way for my taste.17:11
viricIf it were only /dev/mem and /proc/kcore, it'd be much easier :)17:11
virichow would root read the kernel memory without /dev/mem or /proc/kcore ?17:12
whitequarkload a module17:14
whitequarkexploit some privileged API, which are usually less well-tested than non-privileged one17:15
whitequarkeg direct rendering stuff17:16
viricah the modules, yes. I forgot about modules.17:20
viricok. I was too naive :)17:20
kyakdisable module loading17:41
viricand dri, etc.17:42
rohkyak: doesnt help.17:51
whitequarkviric: how does an attacker get root on your system?17:53
whitequarkphysical access?17:54
viriccould be.17:54
viricstealing a powered on computer.17:54
whitequarkwhat computer it is?17:55
virica laptop17:56
whitequarkdoes it have firewire/mini-pci/mini-pcie ports?17:56
whitequarkthunderbolt (cough)17:56
whitequarkdoes it have replaceable memory sticks?17:57
whitequarkif the answer to either of those is "yes", you're screwed either way17:57
viricin any case it'd be some kind of targetted attack, if someone wants to get my dmcrypt key :)17:58
Action: whitequark nods17:58
whitequarkand you miss a crucial point17:58
mogi thought if you have more memory then the dma space that isnt a problem any more?17:58
whitequarkif someone needs your key, it's far easier to steal *you* and beat with something steel-y and heavey17:58
whitequarkuntil you tell it17:59
whitequarkmog: eh, not really17:59
viricwhitequark: yes, the iron up the ass17:59
whitequarkviric: are you sure you're not russian? :D17:59
viricwhitequark: what's the correct term =0 @CAA:><? :)17:59
whitequarkyes yes, iron. soldering iron to be specific17:59
whitequarkmog: you'd input the key at early boot17:59
whitequarkso chances that the block with it is allocated in low 4G of RAM are very high18:00
viricdid you see this? http://www.telegraph.co.uk/technology/10177765/Travellers-mobile-phone-data-seized-by-police-at-border.htm18:00
whitequarkthose guys don't have a clue18:00
viricthe press people?18:00
whitequarkno, the police ones. they use some pre-made software which just uses pre-existing backdoors or built-in capabilities18:00
whitequarkany kind of custom security will mean they either do nothing, or create you personally more problems18:01
whitequark(yes, dm-crypt on a laptop counts as "custom")18:01
whitequarkbesides, can't you just turn it off :D18:02
viricbut it's specially annoying the law things about that18:02
viricwell, encryption is a mean to quicker self-destruction18:02
viricto avoid the soldering iron attack18:02
whitequarkwhat's more important to you: your data or your well-being?18:02
whitequarkand that is a valid question with different answers in different cases, srsly18:03
viricwell, I should be able to tell that the laptop wasn't working, or so.18:03
whitequarkbut I myself would just clean the laptop blank18:03
viricif not, bad. :)18:03
viricclean the laptop when?18:04
whitequarkbefore crossing a border18:04
viricah ok18:04
viricyes, airports are very frightening places.18:04
viricI could have a 'travelling laptop', not my usual one.18:04
viricwhitequark: same with the phone?18:05
whitequarkviric: yeah18:05
whitequarkre data erasure18:05
whitequarkyou can send an SSD a TRIM 0:$capacity command in a millisecond18:06
whitequarkofcourse it won't get erased immediately, but I would be really eager to look at any working method of data extraction in such case18:06
whitequarkimo, that's still all too theoretical18:07
whitequarkit's not hard to defend yourself from a wide-range attack, and if you're targeted personally, you're *really fucked*18:07
whitequarkencryption would be your least concern18:08
whitequarkI think the most interesting case for strong crypto is a narrow-range attack. say you're a CEO (or a Boeing engineer, etc). you probably carry some interesting stuff, but no one is going after you personally18:08
whitequarki.e. it's opportunistic18:08
viriceven not being a CEO, if someone steals my disks, I'd feel better if they were encrypted.18:44
Action: whitequark nods18:44
viricso that's the main purpose. and in some kind of targetted attacks, that can also help18:45
viriconly some kind :)18:45
whitequarksuch as?18:45
viricmaybe some dumb acquaintance, that wants to annoy me18:53
--- Tue Jul 16 201300:00

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!