Life on the bleeding edge

moliver-fC0AHe2n+mcIvw5+aKnW+Pd9D2ou9A/h at public.gmane.org moliver-fC0AHe2n+mcIvw5+aKnW+Pd9D2ou9A/h at public.gmane.org
Sat Sep 30 22:07:20 UTC 2006


Howard Gibson wrote:
> On Sat, 30 Sep 2006 16:15:23 -0400
> CLIFFORD ILKAY <clifford_ilkay-biY6FKoJMRdBDgjK7y7TUQ at public.gmane.org> wrote:
>> On Saturday 30 September 2006 13:20, Howard Gibson wrote:
>>
>>>   I did not set up a /home partition on my laptop.  If someone
>>> steals it, I want to maximize the difficulties of getting it to do
>>> anything, much less provide access to all my files.  With a little
>>> luck, the Red Hat sticker will get the point across, ahead of time.
>>>
>>>   If the thief can get into the BIOS and make it boot from install
>>> media, they are going to have to blow away my root partition, and
>>> any personal information I chose to leave on it.
>>
>> Wouldn't taking the hard drive out and attaching it to another 
>> machine, which boots from another device, circumvent the BIOS lock?
>
>    I didn't say I could make it impossible.  Making it difficult 
> stops most bad people.

I don't understand why you think they'd have to delete your root partition.
If they get around the bios, they can boot from a live CD, and then mount
your root partition at some other mount point, unless I'm missing something.
Takes a little knowledge but not very much.

OTOH if you make /home a separate partition, then you can use AES loopback
and encrypt it; this is presumably makes certain scenarios a little easier
on you than if you were to encrypt the whole ball of wax, including the
stuff that's needed at boot time.

--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list