Christian Stadelmann
Christian Stadelmann
> One of the big, giant challenges for rust-crypto is proving that it is fixed time for some subset of its algorithms. If that can't be done, its never really...
MD4 is known to be weak since 1991, was broken first in 1995 and [obsolete since 2011](https://tools.ietf.org/html/rfc6150). You really shouldn't use it any more. There is no reason to use...
Workaround: Remove all unused kernel modules from your initramfs, e.g. for removable USB storage drivers.
> Another option is setting `usbcore.authorized_default=0` on the kernel command line. This is a nice workaround, but it only works if you don't need USB devices to unlock your disk....
@FedericoCeratto wrote: > It would be very convenient if usbguard could be instructed to allow any new device plugged in after the command. Optionally with a time window e.g. 10...
It looks like `RestoreControllerDeviceState` has the wrong value in your `usbguard-daemon.conf`. Try setting it to `true`, then reboot and stop usbguard using `systemctl stop usbguard` again. Please have a look...
This could be done if you wrote a shell script or alias which does something like this: ``` usbguard set-parameter ImplicitPolicyTarget allow sleep 10 usbguard set-parameter ImplicitPolicyTarget block ```
> The end result is no block device available in my system . What do you mean by this sentence? Can you see the device with `lsusb` or `lsblk`?
If you are running usbguard with the default .service file, it won't detach. Does this issue still apply to you?
Thanks for your initiative! @munix9 wrote > I can't make a final statement about security, maybe an additional password protection would be useful (paranoia setting). I wouldn't do that as...