General "rubberhose" vulnerability
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Ubuntu | Invalid | Wishlist | Unassigned | |
Bug Description
Hi, it would be good if Ubuntu did the following:
1) Have crypto tools installed by default (if the user does not select the "use of encryption is illegal in my country" checkbox).
2) The installer must also use the crypto tools to create a container file (with a random passphrase that's discarded immediately) with size (for example) of 1% of free partition space (up to max of 1GB).
3) It must also be easily possible to reuse that container file with a different passphrase without changing the container's metadata or that of the directory it is in.
4) The container file should NOT be backed up by default (otherwise comparisons could be made).
Without these defaults, all Ubuntu systems using encryption would be vulnerable to "rubberhose" attacks.
Better protection against "rubberhose" attacks would be useful given crypto-unfriendly laws in the UK and other places.
tags: added: privacy
Either
5a) The last modified or last accessed time of the container file should not be changed automatically.
Or
5b) There should be a service that regularly randomly updates the last modified and "last accessed" date on the container file to a recent time.
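
The following sketch of points 2, 3 and 5a is an added example, not part of the report and not Ubuntu installer code. It assumes a headerless container modelled as a file of random bytes (the report names no tool or format), reads "1GB" as 1 GiB, and uses a constructed file name.

```python
import os
import shutil
import tempfile

MAX_BYTES = 1 << 30   # the report's "max of 1GB", read here as 1 GiB (assumption)
CHUNK = 1 << 20       # write in 1 MiB pieces to bound memory use

def container_size(free_bytes, cap=MAX_BYTES):
    """Point 2: 1% of free space, capped."""
    return min(free_bytes // 100, cap)

def create_container(path, size):
    """Fill a new 0600 file with CSPRNG output (stand-in for a discarded random passphrase)."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        remaining = size
        while remaining:
            n = min(CHUNK, remaining)
            f.write(os.urandom(n))
            remaining -= n

def rewrite_in_place(path, offset, data):
    """Points 3 and 5a: overwrite bytes without changing size, atime or mtime.
    ctime still changes: utime() cannot set it, so inode metadata is not fully preserved."""
    st = os.stat(path)
    if offset < 0 or offset + len(data) > st.st_size:
        raise ValueError("write would change the container size")
    with open(path, "r+b") as f:
        f.seek(offset)
        f.write(data)
        f.flush()
        os.fsync(f.fileno())
    os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns))

def demo():
    """Create a small container in a temp dir, rewrite it, compare visible metadata."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "container.bin")   # constructed name
        size = container_size(shutil.disk_usage(d).free, cap=1 << 20)  # small cap for the demo
        create_container(path, size)
        before = os.stat(path)
        rewrite_in_place(path, 0, os.urandom(min(4096, size)))
        after = os.stat(path)
        key = lambda s: (s.st_size, s.st_atime_ns, s.st_mtime_ns)
        return key(before) == key(after)

if __name__ == "__main__":
    print(demo())
```

The inode change time (ctime) is updated by both the write and the `utime` call, so restoring atime and mtime alone does not hide that the file was touched from anyone who can read ctime.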