Language Selection

English French German Italian Portuguese Spanish

LUKS mermaids of remote unlock

Filed under
Security

Recently, I’ve browsed several how-to’s regarding the possibility of unlocking a LUKS root volume remotely using an SSH connection. For reference, the first of its kind is the one for Debian, published at Coulmann.de. Some of these how-to’s were posted to forums and mailing-lists and received many thankful comments from sysadmins wondering how to make their encrypted secure setup also easy to administrate.

The problem with their approach is simple: they asked how to fix their setup, but forgot to ask what they’re trying to protect. Having your root filesystem on an encrypted disk doesn’t protect you from remote exploitation or credential leaks. It just protects you from the risk of someone being able to access your machine locally and steal your data, or just steal the whole machine altogether. Now, if I were an attacker having access to your hardware locally,

I could easily setup a trap for you in less than 5 minutes:




More in Tux Machines

Google’s Nest buys Linux automation firm, adds five partners

Google’s Nest Labs acquired Revolv, a maker of Linux-based home automation devices, and announced five new Nest-compatible devices. including the Pebble. After Google acquired Nest Labs in January $3.2 billion, placing a stake in the fast-growing home automation business, Nest acquired home surveillance camera maker Dropcam in June for $555 million. Now Nest announced it has acquired another major home automation company in its purchase of Revolv. The acquisition, which was announced with no dollar amount, came shortly after the Boulder, Colo. based company announced compatibility with the Nest Learning Thermostat and Nest Protect CO/smoke detector. Read more

Android Wear Gets Its First Big Update

Google's Android Wear on Thursday got its first major update, bringing GPS support and offline music capabilities to the wearables platform. "Android Wear is great for tracking things like route, distance and speed," wrote Kenny Stoltz, Android Wear product manager. "Before today, you had to keep your phone close at hand. Starting today, Wear supports watches with GPS sensors, so you can enjoy these features regardless of where your phone's at." Read more

Positive results from Outreach Program for Women

In 2013, Debian participated in both rounds of the GNOME Outreach Program for Women (OPW). The first round was run in conjunction with GSoC and the second round was a standalone program. The publicity around these programs and the strength of the Google and Debian brands attracted a range of female candidates, many of whom were shortlisted by mentors after passing their coding tests and satisfying us that they had the capability to complete a project successfully. As there are only a limited number of places for GSoC and limited funding for OPW, only a subset of these capable candidates were actually selected. The second round of OPW, for example, was only able to select two women. Read more

Mesa 10.3.2 Has A Couple Bug-Fixes

For those living by stable Mesa releases rather than the exciting, bleeding-edge Mesa Git code for open-source Linux graphics drivers, Mesa 10.3.2 is available this Friday night. Mesa 10.3.2 has fixes for Nouveauy's GM107 Maxwell and GK110 support, a handful of Intel DRI driver fixes, and also a few R600g/RadeonSI driver fixes. Mesa stable users interested in learning more can find the 10.3.2 release announcement by Emil Velikov, the new Mesa release manager. For those after the latest Git developments, Mesa 10.4 will be declared stable in December. Read more