Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora User (http://www.linux-archive.org/fedora-user/)
-   -   Some businesses and professionals need an extremely secure OS lock, that even the best of the best can't crack... (http://www.linux-archive.org/fedora-user/613957-some-businesses-professionals-need-extremely-secure-os-lock-even-best-best-cant-crack.html)

Larry Brower 12-26-2011 01:37 AM

Some businesses and professionals need an extremely secure OS lock, that even the best of the best can't crack...
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 12/25/2011 08:05 PM, Linda McLeod wrote:
> I lost the encrypted login PW for one of my many hd's, and found that I
> can easily over-ride to restore it if I do a little cracking with
> codes.. The data was easily found in a Google search, which means that
> an encrypted OS isn't really a locked OS.. So I'm wondering how can we
> have sure-fire fool-proof crack-proof keys that maintain a private
> corporate computer totally safe and private from the crazy world's
> bullying and messing..?
>

What?

What password are you referring to exactly? BIOS? encrypted LUKS
partition? encryptfs? Truecrypt?

Please provide more details.


> Do you suppose a flash drive can somehow made to be the only key that
> opens an OS..?
>
> Can there be layers of keys in a key..?
> I.E.: ones multi-layered PW might be something like:
> "18erty
> 239de
> frosset (for this one the user must wait "5-seconds" of no keyboard
> activity before being keyed in)
> 18
> su78
> ddhe"
>

I have never seen anything like this. I wouldn't trust it if someone
came up with something like this since they could easily just add their
own key into the algorithm.



- --


Larry Brower, CCENT

Fedora Ambassador - North America
Fedora Quality Assurance
lbrower@fedoraproject.org
http://www.fedoraproject.org/
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJO994EAAoJEF1Xw4ZWTEoJsGgQAIkRy0bpZV eRz2uz6LK9hfjL
S/KbE/LzjKZmlRPI7rm6UjKgZP0JOBbciGwt+2WO27BHFwkBBAqBnv7f INPCNSr7
5Oy6dD2nT3m4SDpF77TmAPiRj67QaQKXrr1H3bxUPOhZs3rFtn J11eAtNyMvJp6e
J2DEnjMaUZEHPfyh2Jby5OzPTxspoHV7bPE03UJUYWflAOyaX9 HcrhrWXu6jklx/
vYWOQcEl7vsI86a2BEcH3fkpnmH+CmkbyOaR9Sv5LSHjtTtzoI Tkv7MuJ34YkUb8
fNudKZnZfBl1ohKtuwt8cGIuECCZbJtuvxyv+YbwafcNyiJXXK YFIwCG50K761ys
/Q5p9WPh5TSJmuHZVJRK7DMHcu3KptoTPtrVsMe1M0wr19VqNNc vbCFOed4O7xC/
WjxlTXR6hiKTUXwe+0kNlw7WZBgj2uExdsG2v0KDWcKuEqDFGk XibmLXcI9PeqHA
MHRVI/8qgOLqC1bFy2BYTVsekmvvGcIbj6Adt3o0j5+80+nobhnnW9k8 iU4XN4A+
NCPzpS1iRFvSGYiuMhs+rmzVIWR832Ha8kJ28mIb5XJFYa4tDE aMfG74IH7YryFW
RSKXBF7bFJ0nG2D6tZjIstkYA/P6yELbfxMgf//9IvR6FL9B81tMPoF+x0FTgBD8
S9gm85tVdxgl7qIgyp5y
=fy8S
-----END PGP SIGNATURE-----
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Joel Rees 12-26-2011 01:38 AM

Some businesses and professionals need an extremely secure OS lock, that even the best of the best can't crack...
 
Welcome to the real world, Linda.

(Sorry to be so blunt. Computers are not magic.)

On 12/26/11, Linda McLeod <lindavaldeen@fastmail.fm> wrote:
> I lost the encrypted login PW for one of my many hd's, and found that I
> can easily over-ride to restore it if I do a little cracking with
> codes.. The data was easily found in a Google search, which means that
> an encrypted OS isn't really a locked OS.. So I'm wondering how can we
> have sure-fire fool-proof crack-proof keys that maintain a private
> corporate computer totally safe and private from the crazy world's
> bullying and messing..?

Freedom hurts sometimes.

The only real safe thing to do is lock the stuff that you can't afford
to be cracked in a safe.

> Do you suppose a flash drive can somehow made to be the only key that
> opens an OS..?

Flash drives are by no means less unsecureable than the rotating disk
kind. Electron microscopes are not that expensive, either, even when
the ecrypted flash drive manufacturer sort of gets it right.

Encrypted flash is primarily useful for the legal angle of
deniability. Think DRM. (Well, officer, I did the best I could!) They
can also be helpful when the data on the drive is personal, but not
valuable, and the person finding the drive is just a curious teenager
who does not know how to use a soldering iron.

> Can there be layers of keys in a key..?
> I.E.: ones multi-layered PW might be something like:
> "18erty
> 239de
> frosset (for this one the user must wait "5-seconds" of no keyboard
> activity before being keyed in)
> 18
> su78
> ddhe"

That's a very common not-good-idea that people turn to. Complexity by
itself solves very little. And it often makes even more problems.

Joel Rees
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Joe Zeff 12-26-2011 03:26 AM

Some businesses and professionals need an extremely secure OS lock, that even the best of the best can't crack...
 
On 12/25/2011 06:05 PM, Linda McLeod wrote:

So I'm wondering how can we
have sure-fire fool-proof crack-proof keys that maintain a private
corporate computer totally safe and private from the crazy world's
bullying and messing..?


If you're talking about people getting into your computer from the
outside, I don't think that encrypting your hard disk is going to help
unless you don't mount the partition unless you're using it. AIUI, once
it's mounted, the system's going to decrypt/encrypt as needed for
whoever access it.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org


All times are GMT. The time now is 02:56 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.