I recently had occasion to wonder what goes on in my yard while I’m not home. I’ve got a couple of Logitech QuickCam Messenger cameras that I’ve been pointing out the windows and use Motion to monitor the cameras, detect motion, capture images, notify me of motion events, and transfer the images to a remote server. Motion provides some handy facilities for the last two objectives. I use the Motion on_event_start to trigger a bash script that connects to various other computers, including my work desktop, and notifies me that Motion has detected movement in the camera’s field of vision. Both computers are configured to use SSH public key authentication. The bash script triggers a Zenity alert box shown below.

Clicking OK on the alert box opens a Firefox browser window to a Qdig Quick Digital Image Gallery. The gallery is populated via the on_picture_save option. When a picture is saved a bash script is triggered that copies the picture to the Qdig gallery directory. When the browser opens the gallery, thumbnails are dynamically generated for the contents of the directory. I can’t yet testify to the effectiveness of the system as I haven’t caught any motion yet, but I’m hopeful.  Motion also provides a mini-HTTP server that can be configured to listen to a remote port so that one could watch streaming video in real time.  In fact, motion is extremely flexible and, due the inclusion of the ability to trigger external scripts, is highly extensible.

I’ve been waiting to see a US precedent concerning forcing a suspect to divulge encryption passwords. The UK passed the Regulation of Investigatory Powers Act (RIPA) in October of 2007 which provides for a two year imprisonment for failure to produce an encryption key regardless of any other charges. The RIPA has been used once against an animal rights activist. Now, a Vermont judge has ruled that, under the Fifth Amendment, a suspect cannot be required to produce evidence including an encryption key. Here is some interesting blog commentary by an attorney.

This is a particularly interesting case in a couple of ways. First, officials opened his laptop and started poking around as he was being processed at a Canada-United States border crossing. Second, it brings up some interesting questions concerning rights of accused. The particular crime he is accused of, possessing “animation depicting adult and child pornography”, is one that inspires extreme emotional reactions, it seems. People then tend to forget why the Fourth and Fifth Amendments were included in the Bill of Rights, namely that American citizens weren’t protected by the Magna Carta and searches and seizures illegal in England were commonplace in the colonies.

Of course, if Bruce Schneier is right, the government may be trying to place a backdoor in new encryption standards to avoid this sort of mess. It wouldn’t be the first time, though. See the clipper chip, or mandatory key escrow. I’m sure this isn’t over, but it’s a nice turn of events.

I’ve been experimenting with drive encryption in Ubuntu 7.10 and am quite pleased. I used the AMD64 Alternate Install disk to encrypt everything but an ext3 boot partition. Ubuntu uses LVM to build logical partitions inside a dm-crypt partition. Installation was a snap, though it takes much longer than an unencrypted install mostly due to the drive wiping process. I assume it uses /dev/urandom to generate random data to overwrite drive space, but could be wrong. I’d probably use a trusted wiping utility if I didn’t need to preserve other partitions on the drive.

The installer offers several encryption algorithms, such as AES with, and several key sizes, up to 256 bit, but doesn’t offer cascading encryption algorithms, which I imagine would impact read/write speed. I don’t have any previous experience with LVM or dm-crypt, but have used cryptoloop under Suse 9.x with ReiserFS and lost a fair amount of data to it no thanks to personal support from Hans. I formatted all of the LVM volumes with ext3 and decided it prudent to have a backup plan independent of dm-crypt and LVM. I have a partition encrypted with Truecrypt on another internal drive to which I backup in addition to a Truecrypt-encrypted firewire drive I keep off-site and refresh periodically. I have confidence that if either LVM or dm-crypt fails and I lose access to the encrypted system, I can recover my data from the backup partition on the other internal hard drive or, if some greater calamity occurs, I will be able to access my off-site firewire backup.

Other than the dm-crypt password prompt when booting and the mildly confusing entries in /etc/fstab, I don’t notice any difference from the uncrypted installation I used previously. I’ve included a drive map below to show the partition layout. Installation into available space while maintaining both my Windows XP and Thinkpad recovery partition was straightforward. The Windows partition is unprotected, but I can’t remember the last time I used it and certainly wouldn’t trust it with anything important anyway.

One question I had and was unable to find and answer to was this: Does suspend to ram work with encrypted drives? I suspected it wouldn’t since the swap space is encrypted, but was pleasantly surprised to find I was wrong. I can suspend and recover successfully. I realize now that the dm-crypt partition stays mounted through the suspend which means that while I can have quicker recovery times, the data isn’t protected. Hibernate requires a dm-crypt password on recovery. In my mind, though, the benefit of drive encryption is two-fold. First, you’re protecting the data, both the data you intentionally have and the remains of data left in empty drive space and file slack space after deletion, from boot-time attacks. Everyone knows that physical access to a machine is the kiss of death. Second, you’re protecting against third-party forensics. Both of these scenarios require the machine to be shut down. When the machine is shut down, the dm-crypt session is lost and your data is again protected. So, unless there is a flaw in the session authentication mechanisms (pam, xscreensaver, GDM, etc), and there might well be, it seems safe.

Anyway, I’m very satisfied with the installation process and the encrypted system.

The drive map shows that the dm-crypt partition is unrecognized. Also, each LVM volume is recognized as a separate drive.