Re: Keeping files away from users

[Peter Cordes <peter@llama.nslug.ns.ca>]

On Thu, Jun 05, 2003 at 12:53:43PM -0300, Koba wrote:
> Think about this:
> 	Use a encrypted loopback. 	To get the key without storing it on 
> 	the computer:
> 	Get some kind of unique combined fingerprint of the computer and hd 
> through a c/c++ programmed algorithm and sending them to a secure 
> "password" server using some kind of (variable server provided salt) 
> hashing with md5. 	The server can encrypt the loopback KEY using the 
> fingerprint as a passphrase and send it sniff safe.
> 
> Isn't this going to safe enought for some cases?

 If the attacker runs it under an x86 emulator like bochs, they don't need
to sniff the network, just look at memory after it's decrypted.  Also, what
I suggested was an attempt to avoid dependence on a network.  I'd be pretty
unhappy if I bought something that required a connection to some
authentication server before it would decide to function for me.  Going too
far with this risks pissing off people who had no plans to hack the thing,
but dislike the explicit distrust of them.  I mean, that's as bad as buying
a DVD and finding out that it's "illegal" to watch it on a GNU system...
You don't want to make your clients feel like you think they're criminals,
or your adversaries.

-- 
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug.n , s.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BC