From: Panzer Boy <panzer@drown.slip.andrew.cmu.edu>
[...]
Blowing things up is nice and all but also lacks style (unless you nuke).
ROTFL ... I'd also second whoever mentioned not destroying evidence (and your own data remember? if there is actually a chance you get it back)
Basically a permanently encrypted harddrive would be fine. Every boot up you need to enter a password. If the screen saver kicks in, you have to enter a password, or it reboots. Stuff like this.

Yes, that's probably the best way as otherwise moving disks to another machine would bypass the protection. Still booting if no or wrong password is good too.

But let's add something else:

It may be possible (easy?) to hide a partition on the disk: buy two hard drives from a family with different capacity and same packages. Move the labels of the small one to the big one. Discard the small one :-) Use partitions corresponding to the capacity of the small one to store boring un-encrypted material, software, etc... Fix the scsi controller on the drive (re-program) to self-identify with the smaller format, but to obey access commands to the hidden area. You now have a computer and disk drive that boots as a boring system, with a medium size drive, but if you know about it, you can access another partition of encrypted stuff.

The (even not so) casual inspection of the stolen or confiscated system reveals only stuff that is not worth spending time on. Only a very detailed inspection, or a leak, reveals the encrypted stuff, still encrypted... Very frustrating. Of course, if your backups were not encrypted or if you wrote down the keys...

This solution is even compatible with using a BIOS ROM glued to the motherboard that prevents unauthorized use of the computer. The hard drive and the motherboard are protected by two different mechanisms.

Pierre.
pierre@shell.portal.com
In reply to (Pierre Uszynski):

| But let's add something else:
|
| It may be possible (easy?) to hide a partition on the disk: buy two hard
[..]
| The (even not so) casual inspection of the stolen or confiscated system
| reveals only stuff that is not worth spending time on. Only a very
| detailed inspection, or a leak, reveals the encrypted stuff, still
| encrypted... Very frustrating.

I think this approach is the safest of all mentioned. An earlier poster commented on the fact that attempting to play 'smart-ass' to your investigators is only going to result in more problems for you. It's a non-ideal world, and they definitely have the ability to cause you substantial problems.

Essentially, you need an encryption system that is non-obvious and looks like totally unrelated data. Of course, it would be pointless to have your system looking _totally_ clean, because the fact they have seized it implies they know/suspect something is on there (essentially, the magnitude of what is on there is what they don't know, and in some cases they are entirely off track and find nothing). Encrypting your hard-drive entirely is only going to make them press you for its key, and become aggravated at your non co-operation.

I am no expert on investigation techniques, but having been involved in all 3 aspects (investigator, investigatee and 3rd party viewer), I feel it is essential to show them everything that they think is there, and convince them (as they will not be as competent in cryptographic analysis as yourself [at least you hope]) that there is nothing hidden.

This topic has been dealt with before on sci.crypt. An example I can think of at the moment is something like say you have some software which does known plaintext attacks using sets of word dictionaries. These word dictionaries could in fact be encrypted information using some appropriate algorithm that maps words from /usr/dict/words into a new sequence.

Of course the only problem with this approach is that your input information rate div output data rate is going to be quite small.

Something else you can do is use a cipher which takes two input streams and merges them into the one file, with one key extracting the 'harmless' information and another extracting the 'harmful' information.

Matthew.
--
Matthew Gream, M.Gream@uts.edu.au.    "... encryption is the ultimate means of
Consent Technologies, 02-821-2043.     protection against an Orwellian state."
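The information-rate cost Matthew describes for the word-dictionary idea, worked through as an added example that is not part of the original posts. It assumes a constructed 256-word list in place of /usr/dict/words and a SHA-256-derived stand-in for ciphertext, and it also checks whether the output would pass for an ordinary sorted dictionary file.

```python
import hashlib
import itertools

# Constructed 256-entry word list standing in for /usr/dict/words
# (assumption: a real list is far larger and carries more bits per word).
_ONSETS = ["b", "d", "f", "g", "k", "l", "m", "n",
           "p", "r", "s", "t", "v", "w", "z", "ch"]
_RIMES = ["ab", "ack", "ail", "and", "ark", "eck", "eed", "ell",
          "ick", "ill", "ing", "ock", "old", "ond", "ump", "ust"]
WORDS = sorted(o + r for o, r in itertools.product(_ONSETS, _RIMES))
INDEX = {w: i for i, w in enumerate(WORDS)}

# Constructed stand-in for ciphertext: 128 bytes derived from SHA-256.
SAMPLE = hashlib.sha256(b"constructed sample").digest() * 4


def encode(data: bytes) -> str:
    """Map each (already encrypted) byte to one word, one word per line."""
    return "\n".join(WORDS[b] for b in data) + "\n"


def decode(text: str) -> bytes:
    """Invert encode(): look each word up and rebuild the byte string."""
    return bytes(INDEX[w] for w in text.split())


def rate(data: bytes) -> float:
    """Input bytes divided by output bytes, the ratio the post calls small."""
    return len(data) / len(encode(data).encode())


def looks_like_wordlist(text: str) -> bool:
    """A genuine dictionary file is sorted with no repeated entries."""
    words = text.split()
    return words == sorted(set(words))


if __name__ == "__main__":
    out = encode(SAMPLE)
    print("round trip ok:", decode(out) == SAMPLE)
    print("rate: %.3f" % rate(SAMPLE))
    print("passes as sorted word list:", looks_like_wordlist(out))
```

With one word per byte the output is four to six times the size of the input, and the repeated, unsorted words are exactly what a reviewer comparing the file against a real dictionary would notice.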
Something else you can do is use a cipher which takes two input streams and merges them into the one file, with one key extracting the 'harmless' information and another extracting the 'harmful' information.

Matthew.
--
Matthew Gream, M.Gream@uts.edu.au.    "... encryption is the ultimate means of
Consent Technologies, 02-821-2043.     protection against an Orwellian state."
Has anybody written one? Can we try for this as a feature in the next pgp? Should I write it myself? Of course I should... silly question... Ok does anybody have any suggestions or wishlists? Lemme know.

Happy Hunting,
-Chris
______________________________________________________________________________
Christian Douglas Odhner     | "The NSA can have my secret key when they pry
cdodhner@indirect.com        | it from my cold, dead, hands... But they shall
pgp 2.3 public key by finger | NEVER have the password it's encrypted with!"
"If guns are outlawed, only the government will have guns." -E. Abbey
My opinions are shareware. For a registered copy, send me 15$ in DigiCash.
Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11
------------------------------------------------------------------------------
participants (3): Christian D. Odhner, mgream@acacia.itd.uts.edu.au, pierre@shell.portal.com