[Freedombox-discuss] Debian FreedomBox = Existing Debian packages on plug hardware

John Gilmore gnu at toad.com
Fri Mar 4 11:32:51 UTC 2011


> It may require a warrant, but following severe breakdown of civil
> administration caused by either unrest or natural disaster, the rules may
> not be followed to the letter.
> 
> I think it's desirable - across the spectrum of proposals for
> user-controlled network devices generally, not just Debian Freedomboxen - to
> store as much state as possible on very small removable media - i.e.
> micro-SD cards or similar - so that in the event of a raid by people likely
> to wish to silence your node, all that has to be concealed is a 15mm x 11mm
> card, which could be swallowed or easily concealed in any number of places.
> After the event the card could be inserted into another suitable device and
> the node would be back up and running with the same state it had previously.

I agree that having tiny portable storage devices would be very
useful for concealment and smuggling.  But...

There are severe technical problems to be solved to make flash-based
devices such as SD or microSD cards usable for information that you
want to keep private from "the authorities".  Due to flash's inability
to overwrite data in place, flash-based memories make multiple copies
of your data, don't keep track of the extra copies, and don't rapidly
or securely erase them.  Many provide no interface that merely asks
the entire device to erase itself into a clean, secure state.

Once you've written an incriminating file, or a crypto key, onto a
flash-based device, you can never be sure whether physically seizing
the device, ripping it open and probing the flash chips will produce
a copy of that file or key -- or not.  The only ways to be sure are
to (1) rip it apart yourself and look -- oops, the drive is now dead;
or (2) physically grind it into sand.  See:

  http://cseweb.ucsd.edu/users/m3wei/
  http://cseweb.ucsd.edu/users/swanson/papers/Fast2011SecErase.pdf

Rotating magnetic disk drives have SOLVED this problem; they provide
Secure Erase commands that erase the drive such that not even experts
can extract the former contents (hdparm --security-erase-extended).
They are also quite good at securely erasing single files without
destroying the rest of the data and without physically destroying the
drive (GNU Shred).  Until the Flash hardware community provides
similar facilities, I recommend that the Freedom Box project fully
support magnetic disk drives for those who choose them.  Activists'
lives depend on getting this right.

	John
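
A toy model of the flash behaviour described in the message above, added here as an illustration and not part of the original post. The `ToyFTL` class, its geometry and the sample key are all constructed, and no real controller's firmware is modelled; it shows that overwriting a logical address leaves the earlier physical copies in place until the controller reclaims them.

```python
PAGES_PER_BLOCK = 4  # constructed geometry for the toy model

class ToyFTL:
    def __init__(self, num_blocks=4):
        self.phys = [None] * (num_blocks * PAGES_PER_BLOCK)  # None = erased page
        self.l2p = {}        # logical address -> physical page with the live copy
        self.next_free = 0   # append-only write pointer

    def write(self, lba, data):
        # Flash cannot overwrite in place: program a fresh page and remap.
        if self.next_free == len(self.phys):
            self.garbage_collect()
        self.phys[self.next_free] = data
        self.l2p[lba] = self.next_free   # the previous page is stale, not erased
        self.next_free += 1

    def read(self, lba):
        # All the host, the filesystem or a tool like shred can ever see.
        return self.phys[self.l2p[lba]]

    def garbage_collect(self):
        # Copy live pages forward, then erase everything else.
        live = [(lba, self.phys[p]) for lba, p in self.l2p.items()]
        if len(live) >= len(self.phys):
            raise RuntimeError("device full")
        self.phys = [None] * len(self.phys)
        for i, (lba, data) in enumerate(live):
            self.phys[i] = data
            self.l2p[lba] = i
        self.next_free = len(live)

    def raw_copies(self, data):
        # What probing the flash chips directly would find.
        return sum(1 for page in self.phys if page == data)

def overwrite_in_place(ftl, lba, passes=3):
    # Shred-style: rewrite the same logical address with filler patterns.
    for n in range(passes):
        ftl.write(lba, bytes([n]) * 16)

def demo():
    ftl = ToyFTL()
    key = b"CONSTRUCTED-KEY!"          # constructed sample secret
    ftl.write(0, key)
    ftl.write(0, key)                  # e.g. the file was saved twice
    overwrite_in_place(ftl, 0)
    visible = ftl.read(0)
    stale = ftl.raw_copies(key)
    # Only once the controller happens to reclaim space do the copies go away.
    for n in range(16):
        ftl.write(1, bytes([0x80 + n]) * 16)
    return visible != key, stale, ftl.raw_copies(key)
```

In this model `demo()` returns `(True, 2, 0)`: the host no longer sees the key, two stale copies remain in the raw pages after the overwrite passes, and they disappear only when the model's garbage collection runs.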


