Life on the bleeding edge

Jamon Camisso jamon.camisso-H217xnMUJC0sA/PxXw9srA at public.gmane.org
Sat Sep 30 22:37:51 UTC 2006


moliver-fC0AHe2n+mcIvw5+aKnW+Pd9D2ou9A/h at public.gmane.org wrote:
> Howard Gibson wrote:
>> On Sat, 30 Sep 2006 16:15:23 -0400
>> CLIFFORD ILKAY <clifford_ilkay-biY6FKoJMRdBDgjK7y7TUQ at public.gmane.org> wrote:
>>> On Saturday 30 September 2006 13:20, Howard Gibson wrote:
>>>
>>>>   I did not set up a /home partition on my laptop.  If someone
>>>> steals it, I want to maximize the difficulties of getting it to do
>>>> anything, much less provide access to all my files.  With a little
>>>> luck, the Red Hat sticker will get the point across, ahead of time.
>>>>
>>>>   If the thief can get into the BIOS and make it boot from install
>>>> media, they are going to have to blow away my root partition, and
>>>> any personal information I chose to leave on it.
>>>
>>> Wouldn't taking the hard drive out and attaching it to another
>>> machine, which boots from another device, circumvent the BIOS lock?
>>
>>    I didn't say I could make it impossible.  Making it difficult stops
>> most bad people.
> 
> I don't understand why you think they'd have to delete your root partition.
> If they get around the BIOS, they can boot from a live CD, and then mount
> your root partition at some other mount point, unless I'm missing
> something.
> Takes a little knowledge but not very much.
> 
> OTOH if you make /home a separate partition, then you can use AES loopback
> and encrypt it; this presumably makes certain scenarios a little easier
> on you than if you were to encrypt the whole ball of wax, including the
> stuff that's needed at boot time.

At which point if someone is after your data, they take an image of your
encrypted drive, install some sort of rootkit to call home and upload
any changed sectors to a remote system, then xor the two (old image and
new sector) together... Then they return the unit with a smile, claiming
the best of intentions (you do have a business card on the bottom of
your laptop?).

Might as well go encrypted for the whole system unless you find the
performance hit is substantial. I could be off on this, but there is a
way using xor on sectors to get at any changed encrypted data.

Jamon
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
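
Added example, not part of the message above: a sketch of the condition under which XORing an old and a new snapshot of an encrypted sector reveals data, so the choice of encryption mode can be judged against it. It assumes a toy scheme (a SHA-256 keystream derived only from a secret and the sector number), which is not loop-AES or any real product; every name and sample value is constructed.

```python
import hashlib

SECTOR = 512  # bytes per sector

def keystream(key: bytes, sector_no: int, length: int = SECTOR) -> bytes:
    # ASSUMPTION (toy scheme): the keystream depends only on key + sector
    # number, so rewriting a sector reuses exactly the same keystream.
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(
            key + sector_no.to_bytes(8, "big") + block.to_bytes(4, "big")
        ).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_image(key: bytes, plain_sectors):
    # Encrypt every sector independently with its position-bound keystream.
    return [xor(p, keystream(key, n, len(p))) for n, p in enumerate(plain_sectors)]

def changed_sectors(old_image, new_image):
    # Needs no key at all: two snapshots always show WHICH sectors changed.
    return [n for n, (a, b) in enumerate(zip(old_image, new_image)) if a != b]

def xor_changed(old_image, new_image):
    # The keystream cancels: C_old ^ C_new == P_old ^ P_new for each sector.
    return {n: xor(old_image[n], new_image[n])
            for n in changed_sectors(old_image, new_image)}

# Constructed sample: four zero-filled sectors, then one of them is written.
KEY = b"constructed-demo-key"
OLD_PLAIN = [b"\x00" * SECTOR for _ in range(4)]
NEW_PLAIN = list(OLD_PLAIN)
NEW_PLAIN[2] = b"constructed note: meeting at noon".ljust(SECTOR, b"\x00")
OLD_IMAGE = encrypt_image(KEY, OLD_PLAIN)
NEW_IMAGE = encrypt_image(KEY, NEW_PLAIN)

if __name__ == "__main__":
    for n, delta in xor_changed(OLD_IMAGE, NEW_IMAGE).items():
        print("sector", n, "old XOR new plaintext:", delta.rstrip(b"\x00"))
```

Under this assumption the XOR of the two ciphertexts equals the XOR of the two plaintexts, so a sector that previously held zeros gives up its new contents. With any mode, comparing two images still shows which sectors changed.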




