[ale] A response to Apple v DoJ
Pete Hardie
pete.hardie at gmail.com
Thu Feb 25 14:05:25 EST 2016
Hell, while we're at it, why not a duress password that accesses a dummy
account with fake, safe data, and a nukeit password that wipes the device?
On Thu, Feb 25, 2016 at 1:59 PM, Alex Carver <agcarver+ale at acarver.net>
wrote:
> On 2016-02-25 08:54, Jim Kinney wrote:
> > On Thu, 2016-02-25 at 11:45 -0500, DJ-Pfulio wrote:
> >> On 02/25/16 11:19, Jim Kinney wrote:
> >>>
> >>> And backups defeat the purpose of the dead man switch. It's really
> >>> a
> >>> catch-22 situation. You would need a secret backup with it's own
> >>> dead
> >>> man switch. Miss one scheduled backup time and the clock starts
> >>> ticking.
> >>> Make the backups from the phone manual.
> >>
> >> True, but I get to choose the encryption for the backups, not some
> >> vendor. Thinking blowfish with a 448bit key length. Definitely avoid
> >> AES.
> > But the holes and backdoors in AES make it run Sooooo much faster!
> > I saw a 2048 bit key printed out once using bar codes. Scan them back
> > in in the correct order and you have the private key restored.
>
> In one off-site location that I have to store a couple passwords, I use
> an NFC MiFare tag with a few kbytes of storage. The password is stored
> there encrypted and the tag can be hidden with no identifying markings.
> I did the same thing once with a paper one-time MARTA Breeze card. The
> card can be formatted and reused as a blank storage card but it only has
> about 64 bytes of storage.
>
> Granted you need an NFC reader to pull the data off but it's not obvious
> what the tag is because the generic MiFare card is just a piece of white
> plastic.
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
--
Pete Hardie
--------
Better Living Through Bitmaps
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20160225/4d47b6ca/attachment.html>
More information about the Ale
mailing list