From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] avoid keyloggers: enter password with mouse?(virtual?keyboard)
Date: Wed, 5 Oct 2011 14:15:50 +0200
Message-ID: <20111005121550.GA30825@tansi.org>
In-Reply-To: <loom.20111005T105550-49@post.gmane.org>

On Wed, Oct 05, 2011 at 09:37:01AM +0000, Jan wrote:
> Arno Wagner <arno@...> writes:
> 
> > I really don't know. If it is just the spare-time project of the
> > Internet Cafe owner, you might be right. If it is the project
> > of the secret police, recording the video off the cable is 
> > conceivable, although a bit more expensive than the about $80
> > for the hardware keylogger.
> 
> Usually it should be a spare time project, since I choose the internet cafe
> at random and video grabber cost about $170 (see http://www.keydemon.com/
> ).  It would be nice to be protected against hardware keyloggers at least
> with the software I proposed.  I know some C basics.  In case I find some
> time, where could I get the mentioned linux knowledge?

A C on Linux tutorial should be enough then. 

Minimal process:

1. Write C program with editor (of your choice, 
   examples: joe, vi, emacs)
2. gcc -o <program> <sourcefile>.c

This is for a single source file. Should be enough.

For screen output, just do a complete screen rewrite 
line-wise with the "poor man's terminal clear" (write 
25 or 50 empty lines). 

You can get C library help either from the GNU info pages
("info libc") or often from the commandline "man 3 <command>",
e.g. "man 3 printf". The "3" refers to section 3 of the 
manual which is the C library. You may have to install the
C library documentation package.

Attaching a command via its STDIN is a bit more tricky,
but can be done with "popen".
An example is here:

  http://stackoverflow.com/questions/70842/execute-program-from-within-a-c-program

As usual, Google is your friend, just add "linux" to the
C query.
 
> Originally I wanted to find a way to use my GnuPG key in internet cafes
> safely.  Since as you pointed out, even with the software I proposed,
> there is no "absolute" security.  Here's my pragmatical solution:
> 
> 0. Use privatix.
> 1. Protect against hardware keyloggers with the software I proposed to
> defeat the "most common" threat.
> 2. Use TWO GnuPG keys with the following user-IDs:
>    
>    "My Name 
>    (very safe, your email reaches 
>     me at my safe PC at home only) 
>    <myaddress@gmx.de>",
>    
>    "My Name 
>    (not completely safe, your email reaches 
>     me in unsecure internet cafes and at home) 
>    <myaddress@gmx.de>"

Make sure the second one is clearly marked as not-that-secure, as
the sender has to choose which one to use.

> 3. Have two privatix USB sticks, one for at home, the other for internet
> cafes etc.  The first one never leaves my home.
> 
> This way people who want to send me an encrypted email can decide for
> themselves which level of security their message needs.  If they chose the
> second key at least internet providers cannot read the content of the email
> and send personalized advertisements etc.
> 
> Another question:
> When I plug in my USB stick in an internet cafe, boot from it and have
> decrypted it, is there a hardware mechanism known to you that could
> automatically copy the DECRYPTED contents of my stick? I think that's unlikely
> since the decryption takes place in the OS, is that right?

Nothing standard. The best bet IMO would be to fake the boot
using a VM and then read the key from the VM's memory. You
are right that decryption is done in the PC, the data that 
goes over USB is still encrypted.

I would say that besides the faked boot via VM, you do not need
to worry about it in your scenario. And to fight the faked boot, 
do a full power cycle with wall socket unplug, not just a reset.
Presenting such a faked boot takes some effort though.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

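The popen approach and the "poor man's terminal clear" mentioned in the message above, as an added example that is not part of the original email. The function names and the sample command and passphrase are constructed for illustration; in the thread's scenario the command would be the program that expects the passphrase on its STDIN.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>

/* Pipe `secret` to the STDIN of `cmd` and return the command's exit code,
 * or -1 on any failure. popen() runs `cmd` through /bin/sh, so it must be
 * a fixed string chosen by the programmer, never built from user input. */
int feed_stdin(const char *cmd, const char *secret, size_t len)
{
    /* If the child exits before reading, the write would otherwise raise
     * SIGPIPE and kill this process; ignore it and check fwrite instead. */
    signal(SIGPIPE, SIG_IGN);

    FILE *p = popen(cmd, "w");
    if (p == NULL)
        return -1;

    /* Unbuffered, so the secret is not copied into a stdio buffer. */
    setvbuf(p, NULL, _IONBF, 0);
    int ok = fwrite(secret, 1, len, p) == len;

    int status = pclose(p);              /* closes the pipe, waits for child */
    if (!ok || status == -1 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* "Poor man's terminal clear": scroll earlier output out of view. */
void clear_screen(FILE *out, int lines)
{
    for (int i = 0; i < lines; i++)
        fputc('\n', out);
    fflush(out);
}

int main(void)
{
    char pass[] = "constructed-sample";  /* constructed sample input */
    /* Constructed stand-in command: succeeds only if STDIN matches. */
    const char *cmd = "test \"$(cat)\" = constructed-sample";

    clear_screen(stdout, 50);
    int rc = feed_stdin(cmd, pass, strlen(pass));
    printf("child exit code: %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```

Because the secret travels over a pipe, it never appears in the child's argument list, where other local users could see it in the process table.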