Results 1 to 10 of 10

Thread: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

  1. #1
    Join Date
    Jun 2007
    Location
    Portland, Oregon
    Beans
    270
    Distro
    Ubuntu 12.04 Precise Pangolin

    Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    After reading recent stories on Slashdot about TSA agents copying whole hard drives and impounding suspicious laptops at the (US) border, I've decided that, as someone running a less-common (i.e., suspicious) operating system, I should look into encrypting my trusty Compaq laptop.

    My laptop is currently dual-boot with Vista and Ubuntu, with the Vista partition being used mainly to update Windows Vista.

    What I would like to do is leave the original, much-truncated, and mostly unused Vista partition intact and unencrypted so that I can turn my laptop on and let Homeland Security rifle through the rather boring files on the Windows partition, without there obviously being a second partition, with its own operating system, where all the juicy stuff is kept, like company files, bank info, personal e-mails, embarrassing attempts at short fiction, etc.

    I could sort of do this now by reconfiguring Grub to automatically boot into Windows before I land, but that doesn't help if I happen to be selected for whole-hard-drive copying, if somebody pops in a BackTrack Linux LiveCD, or something like that.

    I know it's possible to do this in Fedora 9 with relative ease, but I'm partial to Ubuntu. Does anyone have some insight on how to pull this off?

    Don't misunderstand my motives. I don't have much of anything illegal on my computer (at least until the Federal copyright police get going). I just don't feel like letting DHS celebrate the 4th Amendment's continuing coma by sifting through my personal stuff for traces of Evil.

  2. #2
    Join Date
    Feb 2007
    Location
    /dev/random
    Beans
    671
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    Hi,

    Frankly, that would be a waste of time and effort. In the vanishingly small chance that you do get tapped for imaging, how are you going to explain all the missing real estate on that drive?

    It's not going to be some $16/hr TSA gate agent type that's going to be doing the forensics, it's going to be someone considerably better qualified, equipped with tools from both commercial sources (like Encase) and what the NSA/CIA/DIS have. When this person sees the structure ... you've clearly something to hide. That's like bleeding into a pool of sharks. They'll be all over you. Forever.

    Setting GRUB to boot Vista is good enough. All the gate TSA type wants to see is a functioning computer.
    Main system: Dell 1420n - C2D T5250, 4GB RAM, 120GB SATA. Ubuntu 8.04.3.
    Assorted VMs (via VBox). Favorites: Fedora, FreeBSD, Solaris.

  3. #3
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    what do you actually want to do?

  4. #4
    Join Date
    Feb 2006
    Beans
    457

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    Stories on Slashdot
    IMHO not a good reason for baiting the TSA but you may well think otherwise.

    If you wish to make a stand on your principles about searches, encryption, censorship and other like causes then a trip over to eff.org may be time better spent.

  5. #5
    Join Date
    Jun 2007
    Location
    Portland, Oregon
    Beans
    270
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    Quote Originally Posted by hyper_ch View Post
    what do you actually want to do?
    Politics aside, I want to be able to create an encrypted logical volume at (re)install time to contain Ubuntu, while keeping the manufacturer-installed OS intact and unchanged (other than having much less real estate than it had originally) on its own partition, all on one hard drive.

    Fedora 9 seems to have an automated process as part of its installer that does just this, and I'm wondering if I can manually get Ubuntu's installer to pull off a similar feat.

  6. #6
    Join Date
    Jun 2007
    Location
    SO ILL
    Beans
    112
    Distro
    Ubuntu Development Release

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    As it stands now the only way to create the encrypted volume at install time is through the command line installer (alternate cd), it may be possible to do after the fact but i'm not sure on that one. I believe there is a how-to here in the forums. I've never tried it myself as I keep all my important info in a true-crypt container.


    EDIT: This might help out
    http://learninginlinux.wordpress.com...sk-encryption/
    Last edited by Scotty Bones; June 13th, 2008 at 11:40 PM.
    Socialism is a philosophy of failure, the creed of ignorance, and the gospel of envy, its inherent virtue is the equal sharing of misery - Winston Churchill

  7. #7
    Join Date
    Feb 2007
    Location
    /dev/random
    Beans
    671
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    @tubbygweilo:

    I don't think the OP meant "bait" as in baiting or provoking. I believe he meant it as in something for the TSA to fixate upon. The link to the EFF was a good'un - wish I'd thought to do that.

    @Dynaflow:

    One last pass, then I let it rest. You're thinking emotionally. Don't. Think tactically, counter measure vs. measure. Encryption is not a viable tactical response either, they'll ask for the key - then what? Refuse, or tell 'em "I forgot" and they'll just wave you through?

    Not. Going. To. Happen. Delay of your travel and an interview with people who have had their sense of humor removed, cavity searches, seizure of the gear. That's what happens.

    You've already hit on a sound tactic: Give them what they expect - Vista with some ordinary stuff. Better still, off-load anything that could be considered "suspicious" before travel. Placing confidential data on a server somewhere, access via VPN is what the experts recommend.
    Main system: Dell 1420n - C2D T5250, 4GB RAM, 120GB SATA. Ubuntu 8.04.3.
    Assorted VMs (via VBox). Favorites: Fedora, FreeBSD, Solaris.

  8. #8
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    if you haven't installed linux yet, you can do setup a dualboot device and with the alternate cd you can directly encrypt it during install....

    however first you'd need to free some space on the partition and I'd use the vista partitioner for that.

  9. #9
    Join Date
    Jun 2007
    Location
    Portland, Oregon
    Beans
    270
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    Quote Originally Posted by niteshifter View Post

    I don't think the OP meant "bait" as in baiting or provoking. I believe he meant it as in something for the TSA to fixate upon. ...
    Correct.

    ...
    One last pass, then I let it rest. You're thinking emotionally. Don't. Think tactically, counter measure vs. measure. Encryption is not a viable tactical response either, they'll ask for the key - then what? Refuse, or tell 'em "I forgot" and they'll just wave you through?

    Not. Going. To. Happen. Delay of your travel and an interview with people who have had their sense of humor removed, cavity searches, seizure of the gear. That's what happens. ...
    The laptop was cheap, and I would rather have it seized, suffer a delay, and have it be known that I refused to give up a password than give those people a detailed, data-mineable, 80GB snapshot of my life and work to keep on file somewhere into perpetuity. There are some things I just won't compromise on. The VPN idea is a good one, though.

    (I've been an ACLU member for years, and have been cheering for the EFF as a like-minded organization for quite a while now. Maybe it's time I started sending them donations now too.)

    Quote Originally Posted by hyper_ch View Post
    if you haven't installed linux yet, you can do setup a dualboot device and with the alternate cd you can directly encrypt it during install....

    however first you'd need to free some space on the partition and I'd use the vista partitioner for that.
    It's been dual booting Ubuntu and Vista since the day after I bought it last November.

    From what I've understood in using the Ubuntu alternate CD, if I want Ubuntu fully contained within an encrypted filesystem, I would be limited (with the default options, at least) to doing full-disk encryption and a full-disk install. Am I missing something obvious here?

    What I want to do is reinstall Ubuntu in such a way that its partition is encrypted without having to encrypt the entire disk (which would entail paving over the Vista partition with the new, encrypted filesystem and then having to reinstall Vista within that, which I don't think my cruddy restore disks would deign to let happen anyway).

    I have done this with Fedora 9 on a couple of computers using the automated tool in Fedora's installer (see this and this), and I'm wondering if and how I can do something similar, manually, with Ubuntu.
    Last edited by Dynaflow; June 14th, 2008 at 09:55 AM.

  10. #10
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Using uncrypted Vista partition as TSA bait and encrypting Hardy partition - how?

    No, it's a fully encrypted linux (or rather almos). You'll need an unencrypted /boot partition and then rest will be encrypted... this will not touch the windows partitions.

    However, if you fully encrypt your partitions, you also need to ahve a backup somewhere...

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •