Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.
Hi all, please see this major site announcement: https://www.boards.ie/discussion/2058427594/boards-ie-2026

"Nuke" password developed for full disk encryption in Kali Linux

  • 29-05-2014 02:44PM
    #1
    Recondite49
    Closed Accounts Posts: 1,004 ✭✭✭


    Linux Today points out that rightly that this is simply implementing an existing patch and provides instructions on how to apply this to any Debian based distro like Ubuntu or Linux Mint. I will post link on here when able.

    On the face of it, this seems very impressive. You have another password which can be inputted to your computer in the case of duress or seizure which will erase the Master Keys and leave your volume still encrypted.

    Even better when you enter the special "nuke" password, it simply registers as an invalid password so there's no way for an adversary to tell what you've done unless you tell them.

    My only concerns about this are :

    1. It would be a very stupid Police Officer indeed who allowed you to enter the password on the original device without first backing up the HDD.

    2. Wouldn't it be fairly trivial from examining the boot loader to see that this patch had been applied?

    3. If you tried to use this to escape compulsory key disclosure laws (e.g RIPA in the UK), this wouldn't register as a valid password, and therefore you'd be in a position where you'd be unable to supply the correct key. As such you could risk prosecution if you erase the Master Key but on the plus side, in practical terms it would be near impossible to get at your files.

    Any thoughts on this?


Advertisement