[PLUG] script to make my laptop 'safe' for int'l travel?
Tim
tim-pdxlug at sentinelchicken.org
Mon Feb 18 03:35:41 UTC 2008
> > ... being able to conidently log someone into my laptop and demonstrate
> > that there is absolutely nothing suspicious without giving away any
> > confidential information is a good start.
>
> And therein lies the rub: what is "suspicious" to those who hold the keys
> to access the country? I suspect that it is a highly classified secret.
I have pondered this overall issue several times as it very important to
me. My laptop sometimes contains very sensitive security information
that my clients have provided to me under NDA. I think the only
solution that keeps me sleeping sound is to encrypt the partition with
the data. I could just encrypt files individually, but chances are I'd
forget some of them (or to wipe some deleted copy of them). In your
case, it would be a pain to think about every possible dot file you want
to clean out. Any third party tool would probably only work for the
specific software it knows about. Just encrypt /home and don't worry
about it.
While I agree that encrypting a hard drive would look suspicious to
border guards, I believe having it run Linux alone would be sufficiently
suspicious for them and if they had a chip on their shoulder that day,
they'd surely image my drive. If you really want to try and pull the
wool over on them with a "normal" computer, have a separate Windoze
partition that looks tame.
For me, the data I carry is worth more than the laptop. If they take my
laptop while the data is hopelessly inaccessible to them, at least I can
just tell my client: "I need to get that data from you again, but don't
worry, your network isn't compromised because of it."
HTH,
tim
More information about the PLUG
mailing list