[dave at farber.net: [IP] more on Police Blotter: Laptop border searches OK'd]
camera_lumina at hotmail.com
Mon Jul 31 01:35:03 PDT 2006
Hum. Is it possible to make a laptop boot up with a 'fake' (thouugh usable)
directory tree? Of course, if the copss do the math (and they likely won't)
they might be able too detect that there's a hell of a lot of nothing
somewhere on the drive, but methinks one can also put fake info about the
size of the disc and remaining space too.
And then of course if this confiscated laptop ever sees online, it should
squeal everything it knows about what's been attempted and/or accessed (ie,
to you the rightful owner, of course). And if it stays on line then one
should be able to remotely retrieve even the hidden and encrypted data.
meanwhile, the cops wil continue to believe that you've just got some fairly
banal usiness data on there.
One good thing is that I think this battle will ultimately be won in favor
of privacy. The statte can't really can't afford to train cops too be crypto
>From: Eugen Leitl <eugen at leitl.org>
>To: cypherpunks at jfet.org
>Subject: [dave at farber.net: [IP] more on Police Blotter: Laptop border
>Date: Fri, 28 Jul 2006 19:37:34 +0200
>----- Forwarded message from David Farber <dave at farber.net> -----
>From: David Farber <dave at farber.net>
>Date: Fri, 28 Jul 2006 13:32:54 -0400
>To: ip at v2.listbox.com
>Subject: [IP] more on Police Blotter: Laptop border searches OK'd
>X-Mailer: Apple Mail (2.752.2)
>Reply-To: dave at farber.net
>Begin forwarded message:
>From: Roger Weeks <rjw at mcn.org>
>Date: July 28, 2006 12:43:18 PM EDT
>To: dave at farber.net
>Subject: Re: [IP] more on Police Blotter: Laptop border searches OK'd
>For IP on the laptop border searches:
>I'm suprised that no one else has mentioned this so far, but this
>type of situation is one of the many excellent reasons to use an
>encrypted filesystem on your laptop hard disk, and to set up other
>types of security.
>For example, my PowerBook G4 is set up to use the built-in feature of
>OS X called FileVault, which encrypts the user's home directory. The
>home directory on OS X contains the browser cache for Safari,
>Firefox, and Camino, and I have to assume, any other browser cache
>for Opera and other browsers.
>I have also set an Open Firmware boot password. See
>for details. When I travel I never put my laptop to sleep, but
>rather I shut it all the way down. This is marginally less
>convenient, but it means that if my laptop is stolen or confiscated,
>the Open Firmware password will be the first thing that the attacker
>sees. Supposing that is broken, they will then have to deal with
>logging into my laptop.
>My root account is disabled, like all OS X installs. I have my login
>preferences set to not show the usernames on the computer, so the
>attacker will have to guess both a login name and password.
>If the attacker were to take the hard disk out of my laptop and make
>an image of it with forensic software, they would find an encrypted
>partition. I'm sure the NSA probably has the horsepower to throw at
>cracking AES-128 encryption, but chances are my laptop will never get
>to them if we're talking about local law enforcement.
>For those in the Windows or Linux world, you can set a BIOS password
>on your laptop which is very similar to the Open Firmware boot
>password for Apple Hardware.
>Windows XP and Windows 2003 both include support for encrypting
>filesystems using DESX or 3DES, via the Encrypted File System. PGP
>Corp sells a product called "PGP Whole Disk Encryption" for Windows
>2000 & XP that uses AES-256 encryption.
>Linux users can make a loopback encrypted filesystem for storing
>anything they wish to be encrypted. See http://www.tldp.org/HOWTO/
>Cryptoloop-HOWTO/ for details.
>I don't believe it is a crime in any US Federal or State law, or in
>Canadian law, to set passwords and use encryption. In the US, I
>believe that a warrant would be necessary for law enforcement to ask
>for your password, but I don't know if you have to comply. IANAL.
>Roger J. Weeks
>Systems & Network Administrator
>Mendocino Community Network
>Now offering DSL across California
>You are subscribed as eugen at leitl.org
>To manage your subscription, go to
>Archives at: http://www.interesting-people.org/archives/interesting-people/
>----- End forwarded message -----
>Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
>ICBM: 48.07100, 11.36820 http://www.ativel.com
>8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
>[demime 1.01d removed an attachment of type application/pgp-signature which
>had a name of signature.asc]
More information about the cypherpunks-legacy