
How secure are files if my computer gets stolen?


coffeendonut

Hi all,

 

I'm sorry if this sounds like a dumb question but I've been searching for a while on the Net now and can't find anything that directly answers my paranoia.

 

A while back I learned of tools people can use to reset the Administrator password on w2k and such.

 

Then it hit me recently, can this happen to me when I'm using MDK 10 official with ext3? What will happen if someone steals my computer with its hard disk contents? I've got a lot of stuff on it I care about and I do backups but only recently am I investigating encryption as part of the procedures.

 

I heard of something called loop, and also bestcrypt, but it seems I have to play around with them (compiling, etc.) to get them to work and quite frankly I'm way too newbie to try that stuff at the moment. Basically I tried the RPM & .tar.gz for bestcrypt but it spits out errors. The volunteers do a great job of putting everything so I can do urpmi but it seems for bestcrypt I'm out of luck.

 

It seems the only easy way to achieve my aims is to use gpg/gpa but it seems I have to specify each file explicitly which may not be the best, or write up some kind of script to recursively encrypt/decrypt whenever I'm done/beginning my work. Also, it makes me wonder if ext3 allows people to undelete stuff like windows.

 

Can someone out there help me sleep at night?

 

Thank you kindly,

Ben

Link to comment

Hmmm

Other than a loopback filesystem I dunno.

File by file is certainly tedious.

I know this works with knoppix but I haven't tried it. If it's the problem with the RPM it's probably because you need to add support for encrypted loopback in the kernel. I don't know if it works with MDK without a kernel recompile...

 

However kernel recompiles are not as intimidating as you might think.....

Consider also perhaps a USB key if you have limited numbers of sensitive files.

You can make an encrypted fs on this separately.

Link to comment

I hate to say it, but if your compy does get stolen, the data is as good as theirs unless it is encrypted.

 

It is easier than you would think to bypass root,

hit escape at lilo and type: linux 1, will give you a root account, from which the password can be changed with 'passwd'

 

iphitus

Link to comment

just to point the obvious, conventional security stops working once physical access to the machine is achieved.

 

unless that security blows up the hardware for every x number of failed attempts. this is assuming you disable the linux 1/single bypass....

 

but then again that would be useless if...

point #2, security is an ongoing process. it never ends so i suggest you get a comfy pillow and bed so you can sleep better at night.

not much help, ain't i? :D

 

ciao!

Link to comment

Frankly,

 

As long as you obey certain rules, there should be not too much harm for regular home users (of course if you have on there the strategic plans of the next war you want to start that is different).

 

Most "finders" would just erase the HD and not even bother trying to read the data on your disk. Even if they do, that does not have to be a disaster.

 

In my case, they would find a lot of stuff they cannot use: family photos and video, gags, they might even know how much is on my bank accounts and how much I earn. OK, I would prefer that this does not become public knowledge, but if it does, there is no disaster there.

 

What I would do in case of theft though, is to have all certificates revoked that might be stored on there, change my password to all my applications (ADSL connection, e-mail, and so on but certainly E-BANKING stuff).

 

Once that is done, they should not be able to do much harm anymore.

 

More than physical theft I would fear crackers, trojans, home-dialing apps, etc. They can steal your data without you knowing it. So they might possess your PWs without your knowledge, so without you changing them! They might even have copied private keys of certificates and sniffed the PIN codes without you knowing and revoking them!

 

Scary ain't it. And even encrypting your filesystem won't help a thing.

 

Ciao,

 

Sitor

Link to comment

Hi guys,

 

Holy smokes that is scary about root!! But I see how it is convenient as well. Thanks for replying, I am grateful we are part of such an active community.

 

Regarding mounting a secure volume on a USB key or what have you (I don't see why it would not equally apply to USB2 drives), can I do such a thing w/o figuring out BestCrypt/Loop/etc.?

 

I heard of this myth about mountloop but unlike everything mandrake it seems it's ill documented, no man page and the command line help is so brief:

 

usage: mountloop <enc> <file> <dir> [<fs type>]

 

Does anyone know the secrets to using mountloop? Could it possibly be useful in my scenario or perhaps just useful if I had something loop already in place?

 

Thank you kindly,

Ben

Link to comment
It is possible to disable this - although I can't remember how.

 

I realise that's not that helpful - but I'm just pointing out that it doesn't have to be this way.

 

I'm not sure if Bastille Linux still exists, but if it does and it supports Mandrake 10, then it contains a number of scripts that improve security on the machine even if the attacker does have physical access to it. Including disabling the kind of sign on that iphitus mentioned...

Link to comment
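
An added example, not part of any post in this thread: the "linux 1" login discussed above can be closed off with the `password`, `restricted` and `bypass` keywords documented in lilo.conf(5), and this sketch checks a config for Linux entries that still accept boot parameters without a password. The sample config, labels and function names are constructed for illustration.

```python
import os
import stat

# Constructed sample lilo.conf (not from the thread). "linux" inherits the
# global password; "failsafe" opts out of it with bypass.
SAMPLE = """\
boot=/dev/hda
prompt
password=CHANGE-ME   # placeholder; LILO stores it in clear text
restricted
image=/boot/vmlinuz
    label=linux
    root=/dev/hda1
image=/boot/vmlinuz
    label=failsafe
    root=/dev/hda1
    bypass
other=/dev/hda2
    label=windows
"""

def unprotected_images(conf_text):
    """Labels of Linux image= entries that accept boot parameters
    (such as 'linux 1') without asking for a password."""
    glob = {"label": None, "linux": False, "password": False, "bypass": False}
    sections = [glob]
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        key, _, value = line.partition("=")
        key, value = key.strip().lower(), value.strip().strip('"')
        if key in ("image", "other"):   # each one opens a new section
            sections.append({"label": value, "linux": key == "image",
                             "password": False, "bypass": False})
        elif key == "label":
            sections[-1]["label"] = value
        elif key in ("password", "bypass"):
            sections[-1][key] = True
    return [s["label"] for s in sections[1:] if s["linux"]
            and (s["bypass"] or not (s["password"] or glob["password"]))]

def readable_by_others(path):
    """True if group or other can read the file; lilo.conf with a
    password= line should be mode 600."""
    return bool(os.stat(path).st_mode & (stat.S_IRGRP | stat.S_IROTH))

if __name__ == "__main__":
    print(unprotected_images(SAMPLE))
```

Changes to lilo.conf only take effect after /sbin/lilo is run again, and a boot-loader password does nothing for a disk that is moved to another machine.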
How to mount iso's..

 

mount -t iso9660 -o loop,ro "$1" "$2"

 

where

 

$1 - location/name of iso file

$2 - mount point in your file system..

Link to comment

Another idea if you have sensitive info on your computer.. Run a service that requires periodic (daily?) typing of a password or some other confirmation. This fails, a worm will start cleaning out (wiping byte by byte) your system.. Not sure this can be done, but this is linux... probably..

Link to comment

hope everyone's aware that all the person would have to do is yank the hard drive, put it in another system running almost any *nix variant and they'd have access to the whole thing.

 

 

bottom line: if your computer gets stolen, you're pretty well screwed.

Link to comment