[mdlug] Password of DEATH
Jeff Hanson
jhansonxi at gmail.com
Tue Jun 5 17:36:55 EDT 2012
On Tue, Jun 5, 2012 at 1:21 AM, Garry Stahl <tesral at wowway.com> wrote:
> OK, the gob'ment has sezied yoir laptop and is holding you hostage for
> the password. Now you don't have anthung on there really. (I don't)
> Nothing critical or irreplacalbe, but dammit, it's none of their business.
>
> Suggestion, a second password that if entered goes nuclear on the hard
> drive deleting the thing wholesale without further action. Better yet
> it boots to a croot jail screen while deleting eveything in the Home
> partition (You do have a separate home partition, right)
>
> Is this doable with ah average Linux distro?
>
Use full drive encryption or don't bother (encrypting just /home is
rather stupid). The /boot needs to be unencrypted else it can't boot,
ask for the key, and mount the partition.
This is secure unless someone has access to the system and adds a
keylogger to /boot.
TPM can protect against this but it's possible to circumvent:
http://en.wikipedia.org/wiki/Cold_boot_attack
The easiest solution is to keep a safe copy of /boot on removable
media and boot from that for normal use. Configure /boot on the
built-in media to load a honeypot.
http://www.youtube.com/watch?v=U4oB28ksiIo
There is some dispute over the effectiveness of erasure by
overwriting. Some say a single pass is enough, some say it's
impossible to erase a drive completely:
http://www.vidarholen.net/~vidar/overwriting_hard_drive_data.pdf
My personal theory is that thermite always works.
The current legal theory is that government can force you to provide
the encryption key if they have proof that relevant evidence is
encrypted and you have the key. Without that, they can still use any
other legal means to access the contents:
http://www.slate.com/articles/technology/future_tense/2012/03/encrypted_files_child_pornography_and_the_fifth_amendment_.html
More information about the mdlug
mailing list