|
Linux Unified Key Setup
The Linux Unified Key Setup (LUKS) is a disk encryption specification created by Clemens Fruhwirth in 2004 and originally intended for Linux. LUKS implements a platform-independent standard on-disk format for use in various tools. This facilitates compatibility and interoperability among different programs and operating systems, and assures that they all implement password management in a secure and documented manner. Description LUKS is used to encrypt a block device. The contents of the encrypted device are arbitrary, and therefore any filesystem can be encrypted, including swap partitions. There is an unencrypted header at the beginning of an encrypted volume, which allows up to 8 (LUKS1) or 32 (LUKS2) encryption keys to be stored along with encryption parameters such as cipher type and key size. The presence of this header is a major difference between LUKS and dm-crypt, since the header allows multiple different passphrases to be used, with the ability to change and rem ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Disk Encryption
Disk encryption is a technology which protects information by converting it into code that cannot be deciphered easily by unauthorized people or processes. Disk encryption uses disk encryption software or disk encryption hardware, hardware to encryption, encrypt every bit of data that goes on a disk storage, disk or disk volume (computing), volume. It is used to prevent unauthorized access to data storage. The expression ''full disk encryption (FDE)'' (or ''whole disk encryption'') signifies that everything on the disk is encrypted, but the master boot record (MBR), or similar area of a bootable disk, with code that starts the operating system loading sequence, is not encrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR. Transparent encryption Transparent encryption, also known as real-time encryption and on-the-fly encryption (OTFE), is a method used by some disk encryption software. "Transparent" refers to the fact ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Data Erasure
Data erasure (sometimes referred to as data clearing, data wiping, or data destruction) is a software-based method of data sanitization that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by overwriting data onto all sectors of the device in an irreversible process. By overwriting the data on the storage device, the data is rendered irrecoverable. Ideally, software designed for data erasure should: #Allow for selection of a specific standard, based on unique needs, and #Verify the overwriting method has been successful and removed data across the entire device. Permanent data erasure goes beyond basic file deletion commands, which only remove direct pointers to the data disk sectors and make the data recovery possible with common software tools. Unlike degaussing and physical destruction, which render the storage media unusable, data erasure removes all information while leaving the disk operable. New flash memory-based m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Full Disk Encryption
Disk encryption is a technology which protects information by converting it into code that cannot be deciphered easily by unauthorized people or processes. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage. The expression ''full disk encryption (FDE)'' (or ''whole disk encryption'') signifies that everything on the disk is encrypted, but the master boot record (MBR), or similar area of a bootable disk, with code that starts the operating system loading sequence, is not encrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR. Transparent encryption Transparent encryption, also known as real-time encryption and on-the-fly encryption (OTFE), is a method used by some disk encryption software. "Transparent" refers to the fact that data is automatically encrypted or decrypted as it is loaded o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Bootloader
A bootloader, also spelled as boot loader or called bootstrap loader, is a computer program that is responsible for booting a computer and booting an operating system. If it also provides an interactive menu with multiple boot choices then it's often called a boot manager. When a computer is turned off, its softwareincluding operating systems, application code, and dataremains stored on non-volatile memory. When the computer is powered on, it typically does not have an operating system or its loader in random-access memory (RAM). The computer first executes a relatively small program stored in the boot ROM, which is read-only memory (ROM, and later EEPROM, NOR flash) along with some needed data, to initialize hardware devices such as CPU, motherboard, memory, storage and other I/O devices, to access the nonvolatile device (usually block device, e.g., NAND flash) or devices from which the operating system programs and data can be loaded into RAM. Some earlier computer systems, u ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Linux Kernel
The Linux kernel is a Free and open-source software, free and open source Unix-like kernel (operating system), kernel that is used in many computer systems worldwide. The kernel was created by Linus Torvalds in 1991 and was soon adopted as the kernel for the GNU operating system (OS) which was created to be a free software, free replacement for Unix. Since the late 1990s, it has been included in many Linux distributions, operating system distributions, many of which are called Linux. One such Linux kernel operating system is Android (operating system), Android which is used in many mobile and embedded devices. Most of the kernel code is written in C (programming language), C as supported by the GNU compiler collection (GCC) which has extensions beyond standard C. The code also contains assembly language, assembly code for architecture-specific logic such as optimizing memory use and task execution. The kernel has a Modular programming, modular design such that modules can be inte ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GRUB
GNU GRUB (short for GNU GRand Unified Bootloader, commonly referred to as GRUB) is a boot loader package from the GNU Project. GRUB is the reference implementation of the Free Software Foundation's Multiboot Specification, which provides a user the choice to boot one of multiple operating systems installed on a computer set up for multi-booting or select a specific kernel configuration available on a particular operating system's partitions. GNU GRUB was developed from a package called the ''Grand Unified Bootloader'' (a play on Grand Unified Theory). It is predominantly used for Unix-like systems. Operation Booting When a computer is turned on, its BIOS finds the primary bootable device (usually the computer's hard disk) and runs the initial bootstrap program from the master boot record (MBR). The MBR is the first sector of the hard disk. This bootstrap program must be small because it has to fit in a single sector. For a long time, the size of a sector has been 512&nbs ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Bootloader
A bootloader, also spelled as boot loader or called bootstrap loader, is a computer program that is responsible for booting a computer and booting an operating system. If it also provides an interactive menu with multiple boot choices then it's often called a boot manager. When a computer is turned off, its softwareincluding operating systems, application code, and dataremains stored on non-volatile memory. When the computer is powered on, it typically does not have an operating system or its loader in random-access memory (RAM). The computer first executes a relatively small program stored in the boot ROM, which is read-only memory (ROM, and later EEPROM, NOR flash) along with some needed data, to initialize hardware devices such as CPU, motherboard, memory, storage and other I/O devices, to access the nonvolatile device (usually block device, e.g., NAND flash) or devices from which the operating system programs and data can be loaded into RAM. Some earlier computer systems, u ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Boot Partition
The system partition and the boot partition (also known as the system volume and the boot volume) are computing terms for disk partitions of a hard disk drive or solid-state drive that must exist and be properly configured for a computer to operate. There are two different definitions for these terms: the common definition and the Microsoft definition. Common definition In context of every operating system, except those developed by Microsoft, the system partition and the boot partition are defined as follows: * The ''boot partition'' is a primary partition that contains the boot loader, a piece of software responsible for booting the operating system. For example, in the standard Linux directory layout (Filesystem Hierarchy Standard), boot files (such as the kernel, initrd, and boot loader GRUB) are mounted at /boot/. Despite Microsoft's radically different definition (see below), System Information, a utility app included in Windows NT family of operating systems, refers to it ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Adversary (cryptography)
In cryptography, an adversary (rarely opponent, enemy) is an entity whose aim is to prevent the users of the cryptosystem from achieving their goal (primarily privacy, integrity, and availability of data), often with malicious intent. An adversary's efforts might take the form of attempting to discover secret data, corrupting some of the data in the system, spoofing the identity of a message sender or receiver, or forcing system downtime. Actual adversaries, as opposed to idealized ones, are referred to as ''attackers''. The former term predominates in the cryptographic and the latter in the computer security literature. Eavesdropper Eve, malicious attacker Mallory, opponent Oscar, and intruder Trudy are all adversarial characters widely used in both types of texts. This notion of an adversary helps both intuitive and formal reasoning about cryptosystems by casting security analysis of cryptosystems as a 'game' between the users and a ''centrally co-ordinated'' enemy. The notion ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Evil Maid Attack
An evil maid attack is an attack on an unattended device, in which an attacker with physical access alters it in some undetectable way so that they can later access the device, or the data on it. The name refers to the scenario where a maid could subvert a device left unattended in a hotel room – but the concept itself also applies to situations such as a device being intercepted while in transit, or taken away temporarily by airport or law enforcement personnel. Overview Origin In a 2009 blog post, security analyst Joanna Rutkowska coined the term "Evil Maid Attack" due to hotel rooms being a common place where devices are left unattended. The post detailed a method for compromising the firmware on an unattended computer via an external USB flash drive – and therefore bypassing TrueCrypt disk encryption. D. Defreez, a computer security professional, first mentioned the possibility of an evil maid attack on Android smartphones in 2011. He talked about the Whi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Root Directory
In a Computing, computer file system, and primarily used in the Unix and Unix-like operating systems, the root directory is the first or top-most Directory (computing), directory in a hierarchy. It can be likened to the trunk of a Tree (data structure), tree, as the starting point where all branches originate from. The root file system is the file system contained on the same Disk Partition Recovery, disk partition on which the root directory is located; it is the filesystem on top of which all other file systems are Mount (computing), mounted as the system boots up. Unix-like systems Unix abstracts the nature of this tree hierarchy entirely and in Unix and Unix-like systems the root directory is denoted by the / (slash) sign. Though the root directory is conventionally referred to as /, the directory entry itself has no name its path is the "empty" part before the initial directory separator character (/). All file system entries, including mounted file systems are "branches" ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
