[ale] A response to Apple v DoJ
Alex Carver
agcarver+ale at acarver.net
Thu Feb 25 13:59:38 EST 2016
On 2016-02-25 08:54, Jim Kinney wrote:
> On Thu, 2016-02-25 at 11:45 -0500, DJ-Pfulio wrote:
>> On 02/25/16 11:19, Jim Kinney wrote:
>>>
>>> And backups defeat the purpose of the dead man switch. It's really
>>> a
>>> catch-22 situation. You would need a secret backup with it's own
>>> dead
>>> man switch. Miss one scheduled backup time and the clock starts
>>> ticking.
>>> Make the backups from the phone manual.
>>
>> True, but I get to choose the encryption for the backups, not some
>> vendor. Thinking blowfish with a 448bit key length. Definitely avoid
>> AES.
> But the holes and backdoors in AES make it run Sooooo much faster!
> I saw a 2048 bit key printed out once using bar codes. Scan them back
> in in the correct order and you have the private key restored.
In one off-site location that I have to store a couple passwords, I use
an NFC MiFare tag with a few kbytes of storage. The password is stored
there encrypted and the tag can be hidden with no identifying markings.
I did the same thing once with a paper one-time MARTA Breeze card. The
card can be formatted and reused as a blank storage card but it only has
about 64 bytes of storage.
Granted you need an NFC reader to pull the data off but it's not obvious
what the tag is because the generic MiFare card is just a piece of white
plastic.
More information about the Ale
mailing list