[mdlug] Password of DEATH

[Michael Mol]

On Sat, Jun 9, 2012 at 2:13 PM, Garry Stahl <tesral at wowway.com> wrote:
> The general gist I'm getting is if you travel keep all data in the cloud
> (Yes I know what the cloud is)  and nothing but publically avaialable
> software on a cheap netbook.for travel.  If officially stolen it's a bog
> stadnard netbook with nothing of interest.
>
> If it is away from you for any length of time dump the hard drive and
> start over from a clean install.  Said clean install can be carred with
> you as a DVD and external drive to install it.  A DVD becasue they
> cannot be altered one fixed.   Flash drives can have stuff added.
>
> I wouild still use the idea of a bluetooth deadman and be very up front
> about it.  For anti theft reasons this netbook will self destruct
> without certain security measures present.  Thee is no data on the device.
>
> Even if they steal it from you, you walk into any electronics stone, get
> another on your corporate card and conduct your business.
>
> And yes, it is theft even if they have a badge and uniforms.
>

I had another idea a day or so ago.

Go with the standard "encrypt the drive" approach. Don't use a key you
can remember; put it on a piece of paper. Before you cross the border,
take that piece of paper and mail it to yourself. After you've crossed
the border, pick it up.

You can explain the entire thing clearly and honestly to whoever's
demanding the key. AFAIK (but IANAL), they need probable cause to come
back and demand the key after you've gotten home.

(technical note: It may be saner to keep the main encryption key on
the computer, itself encrypted with another key. That way, you can
re-encrypt the main key using a different OTP any time you need to
cross another boundary...recrypting a 1M block would take a far
shorter time than an entire 160GB hard drive.)

-- 
:wq