https://lug.mtu.edu/w/index.php?action=history&feed=atom&title=Minutes_2025-01-23 2026-05-14T11:17:40Z Revision history for this page on the wiki MediaWiki 1.39.17 https://lug.mtu.edu/w/index.php?title=Minutes_2025-01-23&diff=7784&oldid=prev 2025-02-15T02:00:16Z

<p></p> <table style="background-color: #fff; color: #202122;" data-mw="interface"> <col class="diff-marker" /> <col class="diff-content" /> <col class="diff-marker" /> <col class="diff-content" /> <tr class="diff-title" lang="en"> <td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td> <td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 02:00, 15 February 2025</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 74:</td> <td colspan="2" class="diff-lineno">Line 74:</td> </tr> <tr> <td class="diff-marker"></td> <td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* The new bamboo update introduces DRM and firmware locks, dont update.</div></td> <td class="diff-marker"></td> <td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* The new bamboo update introduces DRM and firmware locks, dont update.</div></td> </tr> <tr> <td class="diff-marker"></td> <td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Meeting Minutes]]</div></td> <td class="diff-marker"></td> <td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Meeting Minutes]]</div></td> </tr> <tr> <td colspan="2" class="diff-empty diff-side-deleted"></td> <td class="diff-marker" data-marker="+"></td> <td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>__NOEDITSECTION__</div></td> </tr> <!-- diff cache key lug_wiki:diff:wikidiff2:1.12:old-7769:rev-7784:1.13.0 --> </table>

D2wn https://lug.mtu.edu/w/index.php?title=Minutes_2025-01-23&diff=7769&oldid=prev 2025-02-14T22:39:25Z

<p>Created page with &quot;= LUKS and Disk Encryption = By: Noah Holland === Brief overview on disk Encryption === ==== Symmetric vs Asymmetric ==== ==== Full-Disk Encryption ==== * There is Bitlocker for Windows and LUKS for Linux #### Filesystem-level Encryption * APFS * FSCrypt(ext4 (added recently), F2FS, CephFS, etc..) * ZFS Not recommended for personal use === Pros and cons of each approach === ==== Issues with FDE ==== * Not east with multiple users ** either decrypt the disk with a...&quot;</p> <p><b>New page</b></p><div>= LUKS and Disk Encryption =<br /> <br /> By: Noah Holland<br /> <br /> === Brief overview on disk Encryption ===<br /> <br /> ==== Symmetric vs Asymmetric ====<br /> <br /> ==== Full-Disk Encryption ====<br /> <br /> * There is Bitlocker for Windows and LUKS for Linux #### Filesystem-level Encryption<br /> * APFS<br /> * FSCrypt(ext4 (added recently), F2FS, CephFS, etc..)<br /> * ZFS Not recommended for personal use<br /> <br /> === Pros and cons of each approach ===<br /> <br /> ==== Issues with FDE ====<br /> <br /> * Not east with multiple users<br /> ** either decrypt the disk with a shared password or TPM<br /> * Data recovery can be a pain in the ass<br /> * Chicken-and-egg problem<br /> <br /> ==== Issues with FS-level Encryption ====<br /> <br /> * Metadata leakage<br /> ** NSA Director: “We Kill people based on Metadata”<br /> * Evil maid attacks Requires FS to support it<br /> ** more moving parts<br /> <br /> === How To Use? ===<br /> <br /> ==== LUKS ====<br /> <br /> * cryptsetup luksFormat /dev/&lt;device&gt;<br /> <br /> ==== ext4 ====<br /> <br /> * enable encrypt feature flag<br /> * crypt encrypt &lt;directory&gt;<br /> <br /> ==== ZFS ====<br /> <br /> zfs create -o encryption=on -o keylocation=prompt -o keyformat=passphrase &lt;zpool&gt;/&lt;dataset&gt; - zfs load key -r &lt;zpool&gt;/&lt;dataset&gt; - zfs mount (more info on slides)<br /> <br /> Noah uses a key file on the root that unlocks his computer on startup.<br /> <br /> === How LUKS works ===<br /> <br /> * LUKS is composed of its header and then multiple key slots that stand between the user and the encrypted data<br /> * dread pirate Ross got caught with his drive unencrypted, so to avoid this have a drive plugged in that when removed wipe access to the encrypted system altogether.<br /> <br /> === LUKS recovery ===<br /> <br /> * make backups<br /> * pain in the ass to recover<br /> <br /> === Plausible Deniability ===<br /> <br /> * done via a LUKS detached header<br /> * indistinguishable from random data<br /> * can use a special command to separate the header and use it later #### VeraCrypt<br /> * Like LUKS detached header but all the time<br /> * downside - human operator needs to remember all settings<br /> * fork of truecrypt - might be made by the feds or Vera might be made by the feds<br /> * can set multiple decryption passwords for a dummy volume and your real volume<br /> <br /> === Russain man script update ===<br /> <br /> * recap: I bought drives, but they ended up not working, but we found a Russian guy who could make them work for us using some script.<br /> * got the script from him, need the firmware file.<br /> * could someone break into the White House and trick Trump into pardoning them for breaking into the White House?<br /> * The new bamboo update introduces DRM and firmware locks, dont update.<br /> [[Category:Meeting Minutes]]</div>

D2wn