Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: How secure is the Encryption that Ubuntu uses?

  1. #1
    Join Date
    Dec 2012
    Location
    Brazil
    Beans
    90
    Distro
    Ubuntu 12.04 Precise Pangolin

    How secure is the Encryption that Ubuntu uses?

    I have a couple of questions:

    1 - How secure is the Encryption that Ubuntu uses? Can a normal user by-pass it? FBI? Someone? (w/o the passwd, of course)

    2 - How to restrict access to a specific folder? Let's say a friend comes to use my computer and I don't want him to see a folder. How to do that? And how to put a password to use, let's say, Chromium?

    3 - I don't use a swap partition so no trace there, let's say, of a bank acc password. What are the other possible places that files may be when/after writing/accessing?

  2. #2
    Join Date
    Apr 2008
    Location
    LOCATION=/dev/random
    Beans
    5,767
    Distro
    Ubuntu Development Release

    Re: How secure is the Encryption that Ubuntu uses?

    Which encryption are you talking about?

    There are two methods of encryption available to you when installing Ubuntu, either whole drive encryption or home folder encryption.
    Cheesemill

  3. #3
    Join Date
    Dec 2012
    Location
    Brazil
    Beans
    90
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: How secure is the Encryption that Ubuntu uses?

    The home folder one, I didn't have time to learn how to encryp the whole disk AND have W7 installed as well.

  4. #4
    Join Date
    Nov 2012
    Location
    Halloween Town
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: How secure is the Encryption that Ubuntu uses?

    Quote Originally Posted by Juniorr View Post
    1 - How secure is the Encryption that Ubuntu uses? Can a normal user by-pass it? FBI? Someone? (w/o the passwd, of course)
    I think Ubuntu uses AES-256 to encrypt the disk volume and has a cypher feedback to help protect it from frequency attacks and others attacks that target statically encrypted data. With it your computer is reasonably safe unless you are subject to serious organised cyber crime or Government investigation!
    Quote Originally Posted by Juniorr View Post
    2 - How to restrict access to a specific folder? Let's say a friend comes to use my computer and I don't want him to see a folder. How to do that? And how to put a password to use, let's say, Chromium?
    You can change the permission of the folder
    Code:
    sudo chmod 700 -R /home/user/my_folder
    Last edited by slickymaster; April 23rd, 2013 at 11:31 PM.

  5. #5
    Join Date
    Dec 2012
    Location
    Brazil
    Beans
    90
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: How secure is the Encryption that Ubuntu uses?

    Quote Originally Posted by slickymaster View Post
    You can change the permission of the folder
    Code:
    sudo chmod 700 -R /home/user/my_folder
    And after that what do I need to do to access the folder? Is it reversible?

  6. #6
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: How secure is the Encryption that Ubuntu uses?

    Quote Originally Posted by Juniorr View Post
    And after that what do I need to do to access the folder? Is it reversible?
    You just made it readable and writable by your user only. If you want to put it back to the way it was you would just run this:

    Code:
    sudo chmod 755 -R /home/user/my_folder
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  7. #7
    Join Date
    Dec 2012
    Location
    Brazil
    Beans
    90
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: How secure is the Encryption that Ubuntu uses?

    Quote Originally Posted by CharlesA View Post
    You just made it readable and writable by your user only. If you want to put it back to the way it was you would just run this:

    Code:
    sudo chmod 755 -R /home/user/my_folder
    I thought encryption enough to prevent other users to access it from other accounts.

    What I want is like: When I click on the folder I need (ON MY ONLY ACCOUNT, there will be no other accounts) to type a password, is there such thing?

  8. #8
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: How secure is the Encryption that Ubuntu uses?

    Quote Originally Posted by Juniorr View Post
    I thought encryption enough to prevent other users to access it from other accounts.

    What I want is like: When I click on the folder I need (ON MY ONLY ACCOUNT, there will be no other accounts) to type a password, is there such thing?
    It is. I don't know if you can password protect certain folders, though.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  9. #9
    Join Date
    Jul 2007
    Location
    Auckland, NZ
    Beans
    4,162
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: How secure is the Encryption that Ubuntu uses?

    You can do something of the kind using encfs.

    When not mounted, the files are on the disk, but in a hidden folder and the names are also encrypted.

    However, if someone discovered them and wanted to annoy you, they could just delete them. If that's likely to happen, keep a backup (a good idea anyway).

  10. #10
    Join Date
    Nov 2009
    Location
    de9fdc5c1ade9d205ac5e2622
    Beans
    Hidden!
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: How secure is the Encryption that Ubuntu uses?

    A better idea to protect files (not the entire system) is to use something like TrueCrypt to create a folder of X mb that looks like a file. Decrypt it only as needed, and immediately encrypt when done.

    As for your first question about how secure vs the different groups, that depends on what you are willing to take as a loss. Basically, you want to not have physical access when things are in their decrypted state and soon enough after it that a cold boot RAM dump is not feasible.

    Here is what I would say on the issue:
    You can hide files and change the permissions so that only the superuser can read/write etc. You should have a guest account for friends so that they simply cannot access the area where the folder is stored. In terms of defeating attacks you have to make a choice. Create backups (which an organized attack like the FBI would probably find) or minimize the risk by minimizing the targets an attacker has. I think you basically have to just accept that if some one (or group) get's physical acess to your computer or convinces you to run something on your computer, and you know it, than it is a total wash. I would take a purge aproach in this case. Everything associated with that computer is a total lose. An important note here is that we are talking about a group that will obey the laws and doesn't have a reasonable suspicion that the data is on a computer, even with hidden encrypted volumes.

    If you don't know about acess, well, you are screwed. Game over, at some point no matter what you do, you will be compromised because you don't even know some part of your security, the most fundamental part, has been overcame.

    Scary though: it is a group like Russian mop that wants what is on your computer. Consider your entire lifestyle a loss and get the hell out of dodge. Cause for sure, if the Russian mob (or maybe even the CIA in one of my governments fun Hilton Torture Inn that we franshize to fun places) get a hold of you they arent not going to bother with cold boot attacks etc....You just became a real life example of the xkcd joke on encryption.


    Oh, you might find it interesting that the FBI doesn't even need direct physical access. Methods used include analyzing the variation of the acoustics of each key, the EM radiation differences by key, differences in micro sugers of voltage in your power lines in your house.

    Id
    "Si Dieu n'existait pas, il faudrait l'inventer" -Voltaire

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •