Re: POISON PILL

[pierre@shell.portal.com (Pierre Uszynski)]

> From: Panzer Boy <panzer@drown.slip.andrew.cmu.edu>
> 
[...]
> Blowing things up is nice and all but also lacks style (unless you nuke).

ROTFL ... I'd also second whoever mentioned not destroying evidence (and
your own data remember? if there is actually a chance you get it back)

> Basically a permently encrypted harddrive would be fine.  Every boot up
> you need to enter a password.  If the screen saver kicks in, you have to
> enter a password, or it reboots.  Stuff like this.

Yes, that's probably the best way as otherwise moving disks to an other
machine would bypass the protection.

Still booting if no or wrong password is good too.

But let's add something else:

It may be possible (easy?) to hide a partition on the disk: buy two hard
drives from a family with different capacity and same packages. Move the
labels of the small one to the big one. Discard the small one :-) Use
partitions corresponding to the capacity of the small one to store
boring un-encrypted material, software, etc... Fix the scsi controller
on the drive (re-program) to self-identify with the smaller format,
but to obey access commands to the hidden area.

You now have a computer and disk drive that boots as a boring system,
with a medium size drive, but if you know about it, you can access
an other partition of encrypted stuff.

The (even not so) casual inspection of the stolen or confiscated system
reveals only stuff that is not worth spending time on. Only a very
detailed inspection, or a leak, reveals the encrypted stuff, still
encrypted... Very frustrating.

Of course, if your backups were not encrypted or if you wrote
down the keys...

This solution is even compatible with using a BIOS ROM glued to the
motherboard that prevents unauthorized use of the computer. The hard
drive and the motherboard are protected by two different mechanisms.

Pierre.
pierre@shell.portal.com