On Dec 4, 2017, at 4:20 PM, valdis.kletnieks@vt.edu wrote:
I'll just remind everybody that if this is a serious component of your threat model, you probably need to have gotten in touch with some serious professionals to help set everything up, because it's going to have more little gotchas than we can cover here on NANOG.
Yup.
For starters, did you build your system in a way that avoids cold-boot attacks against the crypto keys that manage access to your hard drive?
Probably not.
(Those 6 of you who *are* serious professionals at this can ignore that advice :)
Do I count? I only accused the Director of the NSA of High Treason in my letter to the editors of the Communications of the ACM (see <http://www.shub-internet.org/brad/cacm92nov.html>). So, yeah -- having the hardware here in my house so that it is more secure against unreasonable search and seizure -- that is very much in my threat model. -- Brad Knowles <brad@shub-internet.org>