From: Dale Amon <amon@vnl.com>
To: Dustin Reyes <crusader@linuxgames.com>
Cc: selinux@tycho.nsa.gov
Subject: Re: Crypto FS
Date: Fri, 9 Feb 2001 13:19:50 +0000 [thread overview]
Message-ID: <20010209131949.O13451@vnl.com> (raw)
In-Reply-To: <20010208155329.A1383@linuxgames.com>; from crusader@linuxgames.com on Thu, Feb 08, 2001 at 03:53:29PM -0600
On Thu, Feb 08, 2001 at 03:53:29PM -0600, Dustin Reyes wrote:
> Re: Integrate existing publicly available file cryptography
> with file mandatory controls
>
> Will the SE Linux team (NAI Labs, NSA, etc.) be conducting
> an extensive security audit of current Linux disk encryption?
>
I doubt they could step into that area. I also doubt they would
want to take on the grief because no one would believe them
anyway.
> Finally, I'm not a professional coder or cryptologist, so this question
> may be completely invalidated by encrypted filesystems are
> already implemented... if so, I apologize in advance.
>
The linux crypt tree is managed by a lot of very fine people
spread all over the world and anyone who found a hole would
gain instant fame in their esoteric coterie. If you were a
young math wizard, what better way to gain notoriety that to
find a backdoor in a popular cipher? I'd say that
there are probably more people pounding on codes outside
government circles now than the total of all the ones who
were ever *inside*. Some people even think its fun. :-)
In any case, there are also standards like AES that are
well trusted. And everyone knows you shouldn't trust DES
for anything more serious than a teen love letter.
In short, I think the people doing the hard work here
should make sure they don't break the international
patches, but it is perhaps not wise for them to step into
quicksand.
And I would in fact be happy to test the interoperability of
the two sets of patches and report any problems. At the
end of the day, its' my customers data that I need to
protect, and that means a full systemic approach.
--
------------------------------------------------------
Use Linux: A computer Dale Amon, CEO/MD
is a terrible thing Village Networking Ltd
to waste. Belfast, Northern Ireland
------------------------------------------------------
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2001-02-09 13:19 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-02-08 21:53 Crypto FS Dustin Reyes
2001-02-08 21:56 ` Dustin Reyes
2001-02-09 13:19 ` Dale Amon [this message]
-- strict thread matches above, loose matches on Subject: below --
2001-02-09 22:04 Pete Loscocco
2001-02-10 0:29 ` Sandy Harris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010209131949.O13451@vnl.com \
--to=amon@vnl.com \
--cc=crusader@linuxgames.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.