this post was submitted on 19 Feb 2024
227 points (97.5% liked)
Privacy
32159 readers
708 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Does this matter if it needs a password? Luks stores the key in storage too
If I understand Luks, the raw key is encrypted using the passphrase, so that is an ok scheme if the passphrase itself is too random to attack by brute force (unlike the 8 digit code that the Ironkey device uses). Look up "diceware" for a reasonable way to generate random phrases. Luks with this approach can be pretty good, though still potentially vulnerable to key loggers and other such attacks. Basically, put careful attention into what you are trying to protect against. High security commercial crypto (e.g. for banking) uses hardware modules in secure data centers, surrounded by 24/7 video surveillance. Check out the book "Security Engineering" by Ross Anderson if this sort of thing interests you. 1st and 2nd editions are on his website, use web search. Parts of the current 3rd edition are there too).