[liberationtech] LUKS "Self-Destruct" feature introduced in Kali Linux

Fri Jan 31 03:06:58 PST 2014

Kali is a pentesting Linux distro. I would suggest that this is more a
method for keeping client data relatively safe, as opposed to smuggling
state secrets out of a country.

This is not intended to be used as a secure transport distro and its being
read into too much. The functionality exists because some may find it
useful on assignments to China, for instance.

If you have serious  documentation transportation to do, and you want to
use Kali to transport your data, then you are doing it wrong.
On 31 Jan 2014 21:32, "Amin Sabeti" <aminsabeti at gmail.com> wrote:

> In the Iran case, I think using TrueCrypt would be better because hiding
> files is more important than destroying it. For instance, it would be not
> practical to destroy files when the authorities confiscate your laptop.
>
>
> On 30 January 2014 20:54, Sean Lynch <seanl at literati.org> wrote:
>
>>
>> On Thu, Jan 30, 2014 at 1:00 AM, Maxim Kammerer <mk at dee.su> wrote:
>>
>>>
>>> I can't think of a scenario where this functionality would be useful.
>>> Reminds me of Greenwald using his boyfriend as a data mule  --
>>> simultaneously trusting and mistrusting cryptography due to lack of
>>> understanding of the concepts involved. If you want to move data
>>> safely, encrypt it with an automatically-generated password of
>>> sufficient entropy, and transmit the password separately -- there is no
>>> need to transmit the whole LUKS keyslot, which is large, and is just a
>>> technical detail.
>>>
>>
>> I don't think even this is useful. It'd be as easy or easier to go get
>> the separately transmitted key than to get you to reveal it, and the same
>> tactics that would get you to reveal the key could also get you to reveal
>> its location or the identity of whoever has the key.
>>
>> In the more likely scenario, it's unlikely the bad guys are going to make
>> any distinction between your refusing to reveal the key and your being
>> unable to reveal the key. It's not like they're going to say "Damn, we've
>> lost. Well, just let them go, then!"
>>
>> The only real protection from being compelled to reveal a key is for the
>> bad guys not to know the encrypted data even exists.
>>
>> --
>> Liberationtech is public & archives are searchable on Google. Violations
>> of list guidelines will get you moderated:
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
>> Unsubscribe, change to digest, or change password by emailing moderator at
>> companys at stanford.edu.
>>
>
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140131/1659df71/attachment.html>