Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

What does a laptop with a bunch of random data on its disk and a lot of evidence of use (grime, worn keys, etc.) let you deny that the same laptop with a generic Linux boot partition followed by random data does not let you deny?


Let's put it this way: say you want to prevent somebody from getting the data on a disk. Wouldn't writing random data over the entire disk be a good idea?


blkdiscard /dev/nvme0n1

No need to write anything. Better would be to use nvme tools to securely erase it ("format" is the terminology used)


The idea is to give you the plausible deniability, you can tell the cops you wiped it with random data, there is no password.

Your flash drive can't then be used as evidence that you haven't wiped it yet.

The initrd on the drive would be evidence you haven't wiped the drive.

Whether that gets you out of a jam and not in trouble for destroying evidence is another question.


So have one drive with FDE and a USB drive with /boot but in no explicit way configured to boot the first drive?

Or maybe a better setup is an internal drive with /boot and a system stripped from sensitive files then somewhere in the drive an hidden partition (not sure how to avoid the vanilla OS overwriting the hidden partition), then you can either boot the vanilla OS or map the hidden partition and boot from it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: