[Noisebridge-discuss] Noisebridge's Dead Trees

Casey Callendrello c1 at caseyc.net
Tue Aug 11 10:10:39 UTC 2015

I like to mix the systems. I use dead trees for their security
properties, and digital files for their space efficiency.

My critical documents are on an encrypted disk image, for which the
symmetric key is printed and kept offline. I have a backup key in my
safe deposit box (which are free if you ask nicely), and one at my
parents house 4000 km away. Because I'm not a total masochist, I also
keep most of the symmetric key in my password manager.

There is a risk every time the volume is mounted, but that's not really
high up on my threat model. I'm more worried about my laptop or backup
disk being stolen.

If you wanted to "escrow" the key by printing a couple copies out and
giving to board members, that seems reasonably secure *and* fault-tolerant.


On 8/11/15 8:26 AM, Torrie Fischer wrote:
> Hi, Noisebridge.
> I have a pile of Noisebridge on my desk.
> https://dl.pushbulletusercontent.com/q5KoC71ynK1lycjdmSV7EAvD3xgnbIuB/IMG_20150810_231613.jpg
> What can we do about these?
> I've been scanning lots of these into a git repository that gets backed up to 
> Ratchet. Some of them are done, but many more remain.
> In any case, I've kept all the dead tree copies around because I'm of the 
> paranoid type who still isn't really sure what would happen if the paper 
> originals were eaten and the keys to the repo were lost.
> Whats a good security approach to keeping such a repository around forever and 
> with a very low chance of all this stuff getting leaked out to the 'net? Some 
> of these things are Important Noisebridge Trees like bank documents, old 
> leases, legal things, etc. Important in the sense that Noisebridge is a 501c3 
> corporation and that'd be nice to keep around for a bit longer.
> Any noisebridgers have a good suggestion? I'm looking at this and it seems 
> like it'd be usable:
> https://github.com/StackExchange/blackbox
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20150811/88861b3c/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20150811/88861b3c/attachment-0003.sig>

More information about the Noisebridge-discuss mailing list