Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: secure live-cd

From: "Stephen J. Smoogen" <smooge () gmail com>
Date: Sun, 18 Dec 2005 20:34:25 -0700
On 14 Dec 2005 19:28:23 -0000, alfonso () yahoo com <alfonso () yahoo com> wrote:

hello list,

  I was looking for someting like a live cd to be used in secure comunications over the internet from unsecure places 
like public computers, internet cafes etc. The cd would contain applications like gaim with gaim-encryptions, silc 
(client & server), email client with gpg encryption. I don't know if there is such a distro and if it does exist how 
does it keep the gpg jeys and all the other private keys safe...



Knoppix and similar tools would be your starting point. HOWEVER, there
would be the problem of the secret keys used by gpg, gaim, etc.
Burning them onto the cdrom would be problematic in that a) you would
need to have a cd per individual, and b) you would need to make sure
that the cdrom did not get lost as then the secret key would be
compromised.

Ways around this would be that you set up a centralized key authority
that requires the person to boot the cdrom, prove to a level of
confidence that she is who she says she is, and then retrieves the
keys to ram. Another would be to have on a USB or some other data chip
the secret keys and they can only be unlocked by a strong password.

At any point along this, you would need to keep your trust of any
individual/group using these disks to Knee Cap level. That is the
level where someone would give up the passwords to unlock their
passwords rather than having their knee caps wrenched apart.


--
Stephen J Smoogen.
CSIRT/Linux System Administrator

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfoc_ml
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: