[FDE] Full-self encrypted USB devices
Robert Michel
openmoko at robertmichel.de
Wed Mar 7 03:37:44 MST 2007
Salve Allen,*!
On Tue, 06 Mar 2007, Allen wrote:
> Two questions about your post. First, and probably OT, is what is
> the "SD news about blackest black...," about?
Oh of course /. news ;)
The Blackest Material
QuantumCrypto² writes "Researchers at Rensselaer Polytechnic Institute
have created 'the world's first material that reflects virtually no
light.'
http://science.slashdot.org/science/07/03/05/2326233.shtml
and after beening slashdoted.. the link to the articel
and video with an interview about the blackest material
is usable today again ;) Is totaly OT but interesting ;)
² gives a link to http://www.full-disk-encryption.net/
so I found your forum and your mailinglist archives,
and there I found Lance question...
So QuantumCrypto made good PR for your forum ;)
Back to Lance question and my answer to use
a linux smartphone as posible solution. Just
350 US$ for having it only as USB mass storage device
is, of course, to expensive - but most of you/us
will have a mobile and choosing the next one that
gives also a solution for Lance idea.... ;)
Excuse me that I'm so excited about the OpenMoko/Neo1973
possibilities - since years I'm very sick seeing the
hardwarepower of mobile phones and the very restricted
undocumented, unopen close soure software running on them
- just crap...
Also J2ME does IMHO not worth a look because you will find
to much things not working making you sik again.
Consider that WAP pages could change your systemsettings...
and about some phones are known that authorities could
switch on your mic remotly to listen to you - unvisible
for you:
http://news.com.com/2100-1029_3-6140191.html
Ah and being on "Cryptography and Encryption Forum"
it should be clear that the normal memory on smartphones
are *not* trustworthy - even when you encrypt it, your
phone isn't it. You have no firewall on it, no chance to
use wireshark to know what is going on via GSM/GPRS
- consider that authorities could read out the memory
of your mobil.
On last "Sun Day" at my university (rwth-aachen.de),
Kiran Patel, Java Technology evangelist of Sun,
said that there are plans that next Java Mobile generation
will supports acssess to the mobil memories for the GSM
provider, that would have the advantage for the user to
have the latest skinns upload automaticaly from the provider...
- Maybe she had communicate it in a wrong way, but
*I* do not want have a mobile device where the provider
can change the data and software on it without my
agreement, without a chance to see what is going on....
> And the second is the problem of compatibility from EU to US with
> GSM. Would I be able to take the SIM chip out of my T-Mobile
> Samsung X495 and stick it into the Neo1973 and have it work?
The Neo will have Ti quad-band GSM chip:
http://wiki.openmoko.org/wiki/GSM
So the GSM network of T-Mobile will be fine.
> so, then the cost might not be all that big a deal, though it is
> a bit pricey.
Beside e.g. the anounced iphone, it is not linked to a
GSM contract and the trolltec greenphone costs 700 US$.
When just looking to have a phone, you are right it is
a bit pricey and I hope that next years will be cheaper
phones on the market running OpenMoko - but comparing
it to embedded developer boards with a ARM9 it is an
interesting price.
And it could happens that cheaper next generation
phones or hacks to run OpenMoko on HTC smartphones
that close source driver will be inside the kernel...
> > Two disadvantage for your wish with the Neo1973:
> > - no USB 2.0
> > - no powered USB port, so you can't plug in USB devices
> > without a battery powered USB-hub
ahh and a third one:
- mini-USB-B jack, so to use it as usb memory device,
you need to carry an cable or adapter with you.
Beside ssh/VPN I also expect encrytped phonecalls:
https://events.ccc.de/congress/2006/Fahrplan/events/1495.en.html
video of this presentation:
http://dewy.fem.tu-ilmenau.de/CCC/23C3/video/23C3-1495-en-green_phone.m4v
And the Neo1973 will have Assited-GPS, probably working also
indoor. So some interesting things become hackable :)
Of course changing the phone profil based on the localisation
but also using it for some security solutions:
The Neo1973 can transmitt the coordinates where you
are via VPN to your workstation, when it is more fare away then
10-20m your login could be closed/your encrypted FS could become
unmounted...
And of course, (nearly) all your linux based crypto soulution
you can run on this smartphone as well ;)
A good starting point to find out more about the project:
In November I saw this linuxdevices article
http://linuxdevices.com/news/NS2986976174.html
and Seans presentation
http://www.openmoko.com/files/OpenMoko_Amsterdam.pdf
espcialy page 11 (apt-get install) conviced my that it is not a
buz-word business project, that it is powerd by real nerds ;)
Knowing that Harald Welte is involved (www.gpl-violations.org)
makes me shure that will real open be as trustworthy as possible :)
At the FOSDEM 2007 converence I meat Sean and Mickey and I saw the
first phones - the project does have a small delay because of including
bluetooth and some problems.. but it is no vapureware. FIC want to
jump into the market.
The FOSDEM presentation can be seen here:
http://wiki.openmoko.org/wiki/Introduction#Videos
slides for this presentation:
http://www.openmoko.com/files/OpenMoko_Neologics.pdf
Latest linuxdevices article (there are some more):
http://www.linuxdevices.com/news/NS7653749655.html
SCNR: have you ever seen an official disassembling howto
http://wiki.openmoko.org/wiki/Disassembling_Neo1973
before a device comming on the market?
So again, excuse me beeing so excited about this project...
I don't want to spam your mailinglist - I just like to hear
your feedback which crypto solution you like to see on such
a device...
E.g. does somebody knows a solution to have a device that
can behaves as USB device could be run as virtual crypto card
to store private keys?
And back to Lance questions - I will try to test this....
;)
Greetings,
rob
PS: official announcements:
http://lists.openmoko.org/pipermail/announce/
More information about the FDE
mailing list