Language Selection

English French German Italian Portuguese Spanish

LUKS mermaids of remote unlock

Filed under
Security

Recently, I’ve browsed several how-to’s regarding the possibility of unlocking a LUKS root volume remotely using an SSH connection. For reference, the first of its kind is the one for Debian, published at Coulmann.de. Some of these how-to’s were posted to forums and mailing-lists and received many thankful comments from sysadmins wondering how to make their encrypted secure setup also easy to administrate.

The problem with their approach is simple: they asked how to fix their setup, but forgot to ask what they’re trying to protect. Having your root filesystem on an encrypted disk doesn’t protect you from remote exploitation or credential leaks. It just protects you from the risk of someone being able to access your machine locally and steal your data, or just steal the whole machine altogether. Now, if I were an attacker having access to your hardware locally,

I could easily setup a trap for you in less than 5 minutes:




More in Tux Machines

Paper: New Material Design Inspired GTK Theme

Paper is a new material design inspired GTK theme, which is currently in beta. "Its design is mostly flat with a minimal use of shadows for depth", mentions its website, and it was developed primarily for the GNOME (Shell) and other desktops that make use of header bars. Read more

Leaving KO

Inge, Tobias and I founded KO GmbH in 2007 in Magdeburg. We named it KOfficeSource, because we believed that KOffice, which is Calligra these days, was getting ready for the big time, especially on mobile. Nokia was beginning to invest heavily into open source, Intel joining in with Moblin, the times were heady and exciting! After a bit of rough-and-tumble about the name, we renamed KOfficeSource GmbH to KO GmbH and from 2010 on, we were in business! Read more Also: Krita and KO GmbH

Second generation Android One phones to arrive in Q1 2015

Karbonn Mobile is preparing to release its second-generation Android One smartphone, according to the Executive Director of Karbonn Mobiles, Shashin Devsare, who recently spoke at the Dream 500 Million Smartphones event in New Delhi. The successor to the Karbonn Sparkle V is scheduled to arrive in the first quarter of 2015. Read more

Open Source Has Won: Now What's Your Strategy?

Nonetheless, open source is here to stay. If your organization isn’t using open source software in mission-critical applications, you’re in the minority. Even then, I suspect you are using open source software and just don’t know it. Even Microsoft has embraced open source by including open source versions of big data repository Hadoop on Azure, and they count Hortonworks and Cloudera among their valued partners. And if you’re really one of those rare open-source-free enterprises, you might want to reevaluate your situation: you’re in an increasingly small minority. Read more