Re: Laptops, Please!

For the technologically inclined, a possible solution to this problem is TrueCrypt’s ability to hide entire operating systems:

If your system partition or system drive is encrypted using TrueCrypt, you need to enter your pre-boot authentication password in the TrueCrypt Boot Loader screen after you turn on or restart your computer. It may happen that you are forced by somebody to decrypt the operating system or to reveal the pre-boot authentication password. There are many situations where you cannot refuse to do so (for example, due to extortion). TrueCrypt allows you to create a hidden operating system whose existence will be impossible to prove (provided that certain guidelines are followed — see below). Thus, you will not have to decrypt or reveal the password for the hidden operating system.

YMMV.

Update:
SF writes:

I really like Truecrypt and use it regularly.
Seizing laptops at border crossings is bad enough, but there is an even greater vulnerability, there or elsewhere.

Read
http://www.schneier.com/blog/archives/2008/07/truecrypts_deni.html

Hint: In general, when writing about computer security, or security in general, consult Schneier’s blog first.

While the deniable operating system has the theoretical ability to stop attackers, in practice it requires more diligence than even technically sophisticated people are likely to apply. See
http://www.truecrypt.org/docs/?s=hidden-volume-precautions

Schneier explains how to protect yourself at border crossings here:

http://www.schneier.com/essay-217.html

Anyone concerned about laptop or computer security should be very familiar with
Truecrypt
Eraser
COTSE
PasswordSafe
PuTTy

Share

1:33 pm on August 3, 2008