> -----Original Message-----
> From: Daniel Pocock [mailto:dan...@pocock.pro]
> Sent: Monday, July 31, 2017 5:55 AM
> To: debian-user@lists.debian.org
> Subject: Re: best practices for a fresh install on a laptop
>
> On 31/07/17 07:39, Daniel Pocock wrote:
> >
> > Hi all,
> >
> > I've recently had discussions with new users at various events who
> > were installing Debian for the first time, usually on laptops.
> >
> > It is easy enough to run the installer and get Debian up and running.
> >
> > However, if the user is security conscious, or will be travelling to
> > events and passing through hostile airport/border checkpoints, are
> > there any extra suggestions about how the laptop could be set up?
> >
> > For example, should they use the default disk encryption strategy
> > proposed by the Debian installer, or another strategy? Or should they
> > be considering a derivative or something else?
> >
> > Another question that comes up when I have this discussion with new
> > users, they want to reduce their dependence on cloud services, so what
> > is the currently recommended way to sync or replicate content from
> > their laptop disk for backup purposes? While I have various ways of
> > doing this as a developer, what is proposed for non-developers?
> >
>
> I received a private reply seeking clarification of the threat model
>
> Standard threats affecting all people who travel with a laptop these days:
>
> 1. return of laptop for warranty service, technician has your data
> 2. theft of laptop
> 3. routine inspection by border officials (they may want the user to log
>    in and type screen unlock password or briefly attach a device for
>    "checking" the laptop)
>
> The user in mind: ordinary person who simply doesn't want to either:
>
> a) risk losing a copy of personal documents and photos when such loss
>    could have been easily prevented,
>
> b) lose time answering questions at a border checkpoint because their
>    laptop looks too secure or unusual.
>
> Obviously there are users who know they might be singled out for closer
> scrutiny and they might go to extra effort but I'm simply asking about the
> case of the ordinary user encountering ordinary but sometimes
> unreasonably curious uniformed officials.


The above standard threat models are pretty much what the average person should worry about. Full disk encryption with a strong, unique password should be sufficient to prevent casual snooping or theft.

Caveats to the above threat models:

0. Nothing is preventing anyone from taking a raw copy of the encrypted data, and later decrypting it. Assume that any data that is taken from you *will* be accessed one day, whether encrypted or not.

1. If the manufacturer needs access to your OS for whatever reason (a plausible example: they replace the wifi hardware and want to test it), they will want a login. They may, and probably will, refuse warranty service if they can't log in. Full disk encryption will likely be a bad idea; if they have access to your encryption key, the entire disk is open. A possible substitute is to set up eCryptfs to encrypt your /home partition, and set up a technician account for the warranty service explicitly. Alternatively, wipe/replace the hard drive and give them a bare bones OS install with just enough functionality for them to test.

2. Full disk encryption will keep a casual thief from accessing your data. No guarantees against a persistent thief, or worst case a three letter agency with a vendetta. But for this reason alone, full disk encryption is a good idea if you have anything even remotely worth taking (like passwords, pictures).

3. Carrying a laptop is not recommended if dealing with border officials. In fact, you should assume that your laptop will be forcibly taken by a border official (whether legal or otherwise), along with any other electronic device you may have. A "burner" laptop and phone is recommended when crossing borders. I do not recommend Truecrypt or similar, as border officials know all about Truecrypt, and will likely ask you to log into your "real" login.

4. If a government official wants you to provide the decryption key (whether such request is legal or not), and you refuse, you will probably be punished. Be prepared to lawyer up, and be prepared to have a bad time.

Goes without saying, perform regular backups of your data using whatever method you are most comfortable with.