[tclug-list] Do strong root passwords prevent alternative access?

Fri Feb 28 09:15:49 CST 2014

I don't know if anyone mentioned using truecrypt to have a hidden operating
system.  haven't dont it yet but seems like an interesting way to spend a
day.

On Fri, Feb 28, 2014 at 8:18 AM, Jeremy MountainJohnson <
jeremy.mountainjohnson at gmail.com> wrote:

> Ultimately, the length and complexity of the password / use of keys is
> what makes encryption good. Nearly all the common encryption
> algorithms out there are crackable if physical control is compromised
> and weak keys are used. Speaking from experience, all but one below
> I've been able to crack years ago with a decent gpu / distributed
> processing and weak pass-phrase (less than 12 chars). Keep in mind,
> more chars is not always correlated to success of encryption, refer to
> targeted dictionary attacks, rainbow tables, and the chair to keyboard
> factor.
>
> * Ubuntu (and I believe Debian) give ecryptfs option for home
> directories (folder level encryption) via the gui installer. Tied to
> your user account password, which is it's weakness, strong pw hashes /
> salting help a lot for exposed passwd and shadow files
> * TrueCrypt can also do a home directory or simple container in Linux,
> with pass-phrase and various keys, but not full disk encryption unless
> on Windows
> * Several paid options out there, often for enterprise, McAfee is a
> common one, handle full disk, complex encryption for nearly all
> platforms
> * More manual options include dm-crypt + LUKS, with pass-phrase and
> various key options (similar to a more manual and CLI like Windows
> BitLocker). Does the job well, but tough upfront learning curve
>
> --
> Jeremy MountainJohnson
> Jeremy.MountainJohnson at gmail.com
>
>
> On Fri, Feb 28, 2014 at 3:59 AM, gregrwm <tclug1 at whitleymott.net> wrote:
> > agreed.  afterall anything is possible.  but little is likely.
> >
> > you can be as paranoid as you like.  or, you can try relaxing a bit.
> >
> > but logic can't cure paranoia.  humor perhaps has a better chance.  hence
> >
> > "just because you're paranoid doesn't mean they're not out to get you!"
> >
> >
> > _______________________________________________
> > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> > tclug-list at mn-linux.org
> > http://mailman.mn-linux.org/mailman/listinfo/tclug-list
> >
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> tclug-list at mn-linux.org
> http://mailman.mn-linux.org/mailman/listinfo/tclug-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20140228/8d37f111/attachment.html>