Wed, 05 Mar 2008
I was listening to the Security Now! podcast yesterday, where Steve Gibson talked about the latest release of TrueCrypt. I've had great experiences with TrueCrypt in the past, and Steve seems to have nothing but good things to say about it as well.
The most fascinating thing that he mentioned was that in his benchmarks (which entailed restoring a very fragged XP image, then running a batch script which used ntimer to clock the windows defraggers and vopt), Windows ran significantly *FASTER* when fully-encrypted with TrueCrypt, than without.
So it seems that the TrueCrypt guys have created drivers that not only encrypt/decrypt your data seemlessly on the fly, but are actually quite faster than the default Windows drivers. Amazing.
I haven't tried to reproduce this locally, as I try to avoid firing up my Windows vm guest at all costs. However, I'm interested to hear if anyone else notices this dramatic performance boost that Steve talks about when using TrueCrypt5 in Windows.
Thu, 25 Oct 2007
The Fedora-based security livecd that I created a little while back is coming along quite nicely. I have yet to submit it to become an officially blessed Fedora spin, mainly because I didn't want it to be Yet Another gnome-based livecd with a bunch of extra packages shoved into it. If we're going to try and even remotely compare to existing livecds such as backtrack, we're going to have to try a little bit harder :)
I've gotten multiple requests from people asking for a minimal security livecd, with something a bit slimmer than GNOME, preferably *box. Being a proud openbox user for the past 6 years -- I gladly complied. So, the other day on the bus ride home from work, I re-based the spin against the minimal configuration, and tweaked out the openbox configuration quite a bit.
The default openbox menu contains a few boilerplate entries, most of which are for applications that don't even exist in a default Fedora install. I went ahead and threw together a menu that is categorized by the type of security tool in the spin. I also wanted the ability for users to have access to the same menu entries as our default GNOME menu. To accomplish this, I hacked up a dynamic openbox pipe menu, which generates the same menu hierarchy as the GNOME application menu, on-the-fly :)
if entry.get_type() == gmenu.TYPE_DIRECTORY:
print '<menu id="%s" label="%s">' % (entry.menu_id, entry.get_name())
elif entry.get_type() == gmenu.TYPE_ENTRY and not entry.is_excluded:
""" % (entry.get_name(), entry.get_exec())
Patches/comments/suggestions/criticism welcome! See the SecurityLiveCD wiki for more details on how to spin your own and get involved.