Thread: Two passwords, 1st normal, 2nd triggers system format ?

  1. #1
    Join Date
    Jun 2006
    Beans
    Hidden!

    Two passwords, 1st normal, 2nd triggers system format ?

    Hi,

    I'd like to know if something like this already exists:

    have an ecryptfs-encrypted user account on a laptop that accepts two logins: the 1st logs in normally, the second triggers a system format?

    Best regards

  2. #2
    Join Date
    Aug 2006
    Beans
    1,223

    Re: Two passwords, 1st normal, 2nd triggers system format ?

    I know truecrypt can give you two passwords for an encrypted disk, one to open a secure OS and one to open your regular OS. Any use?
    There's no place like ~/

  3. #3
    Join Date
    Jun 2010
    Location
    asoko
    Beans
    834
    Distro
    Ubuntu

    Re: Two passwords, 1st normal, 2nd triggers system format ?

    ultimately, the only way to really destroy data in realtime is either mechanical or electromagnetic. there are several portable devices that claim to be able to do this, but you do need a combo of specialized hardware and software to make it happen.

    in your circumstances, the likelihood is that as soon as the attacker realizes what is happening they will just kill the machine to stop the data loss. since you are obviously worried that your encrypted data will be analyzed and decrypted, that doesn't help you much. second, formatting is not a secure operation and can be undone unless the disk surface is scrubbed (which can take days on large volumes).

    additionally, your criteria requires an event to occur, resulting in an action, and for that to happen, software has to be listening for that event. all the attacker has to do is move the data to another device that does not have software waiting for the event (perhaps a custom version of the libs for ecryptfs), using something like a live CD or just physically moving the drive.

    in the long run, check out the intro sequence to the (terrible, yet funny) movie "The Core". the "Hacker" character uses modified defibrillator paddles (changed to an EM field generator) to erase all his drives in about a minute. no idea if the physics actually backs that up however. intriguing idea.

  4. #4
    Join Date
    Jun 2006
    Beans
    Hidden!

    Re: Two passwords, 1st normal, 2nd triggers system format ?

    Haha, didn't know about the defibrillator technique. Well, you're right, it seems like anyone with the will to hack into a system will succeed unless you really use the most advanced machinery, so I think I'll just stick with ecryptfs. At some point I was also thinking of having something that, depending on the password, would either mount an ecryptfs home (the real one) or another home folder used as a deterrent, in which sensitive files would be unavailable. Like having two systems in one without anyone knowing about it. So under pressure you would give away the deterrent.

    thanks.

  5. #5
    Join Date
    Aug 2006
    Beans
    1,223

    Re: Two passwords, 1st normal, 2nd triggers system format ?

    Quote Originally Posted by remi_2 View Post
    Haha, didn't know about the defibrillator technique. Well, you're right, it seems like anyone with the will to hack into a system will succeed unless you really use the most advanced machinery, so I think I'll just stick with ecryptfs. At some point I was also thinking of having something that, depending on the password, would either mount an ecryptfs home (the real one) or another home folder used as a deterrent, in which sensitive files would be unavailable. Like having two systems in one without anyone knowing about it. So under pressure you would give away the deterrent.

    thanks.
    What you are describing here is similar to truecrypt's 'Hidden OS' feature. I believe they call it 'Plausible deniability'.
    There's no place like ~/

  6. #6
    Join Date
    Jun 2006
    Beans
    Hidden!

    Re: Two passwords, 1st normal, 2nd triggers system format ?

    Quote Originally Posted by Joe of loath View Post
    What you are describing here is similar to truecrypt's 'Hidden OS' feature. I believe they call it 'Plausible deniability'.
    that's the idea, except I wanted to take it one step further and trash the data in case something goes wrong.

  7. #7
    Join Date
    Jan 2011
    Beans
    1

    Re: Two passwords, 1st normal, 2nd triggers system format ?

    If you use Truecrypt's hidden OS function, you could install Ubuntu as the hidden one, and something like tinycore as the ordinary one. Then you would have to make tinycore run in RAM, which would allow you to run a script when tinycore is booting that would wipe your entire hard drive.
    I'm using tinycore as an example, because it is the smallest and fastest OS I know.
    But since the truecrypt-encrypted partitions are already encrypted, it might be easier/faster to simply wipe the encryption headers and the backup of these (See http://www.truecrypt.org/docs/volume...-specification).
    To the best of my knowledge it would be impossible to decrypt a volume if the encryption headers are missing. (Unless you crack the algorithm itself, I suppose).
    Last edited by raspb3rry; January 27th, 2011 at 11:38 PM.
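
The header-wipe idea from post #7, modelled as an added example that is not part of the original thread and is not TrueCrypt's code or on-disk format: a password only unwraps a random master key stored in a small header, so overwriting the header and its backup leaves the ciphertext in place but locked even to the correct password. The 80-byte header layout, the HMAC-based keystream (a standard-library stand-in for a real disk cipher) and all function names are assumptions made for illustration.

```python
import hashlib, hmac, os

HDR = 80  # constructed layout: 16-byte salt + 32-byte wrapped key + 32-byte MAC

def _stream(key, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real disk cipher
    out = b"".join(hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
                   for i in range((n + 31) // 32))
    return out[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _header(password, master):
    salt = os.urandom(16)
    kek = hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)
    wrapped = _xor(master, _stream(kek, 32))
    return salt + wrapped + hmac.new(kek, wrapped, hashlib.sha256).digest()

def make_volume(password, plaintext):
    master = os.urandom(32)  # random data key; the password never encrypts data directly
    data = _xor(plaintext, _stream(master, len(plaintext)))
    # primary header at the start, backup header at the end
    return _header(password, master) + data + _header(password, master)

def _try_header(hdr, password):
    salt, wrapped, tag = hdr[:16], hdr[16:48], hdr[48:]
    kek = hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)
    if not hmac.compare_digest(tag, hmac.new(kek, wrapped, hashlib.sha256).digest()):
        return None  # wrong password or destroyed header
    return _xor(wrapped, _stream(kek, 32))

def unlock(volume, password):
    data = volume[HDR:-HDR]
    for hdr in (volume[:HDR], volume[-HDR:]):  # primary first, then backup
        master = _try_header(hdr, password)
        if master is not None:
            return _xor(data, _stream(master, len(data)))
    return None

def wipe_headers(volume, backup_too=True):
    # Overwrite only the headers; the encrypted data area is left untouched.
    tail = bytes(HDR) if backup_too else volume[-HDR:]
    return bytes(HDR) + volume[HDR:-HDR] + tail
```

Wiping only the primary header is not enough in this model because the backup header still unwraps the same master key, which is why the post mentions both.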
