whitenoise Posted September 26, 2013 Share Posted September 26, 2013 (edited) Hey, relating on episode 1406 I have some questions about extending the idea of a portable secure linux-distro on an USB thumbdrive. In this episode it is explained how to set up an encrypted Linux OS. My idea was to extend the security with kind a dongle system. In case someone finds the encrypted USB there are still folders on it that aren't encrypted because they are used BEFORE the encryption starts (the whole boot stuff i.e.). I want to seperate that onto another Dongle-Key which is physically seperated from the actual os-USB-drive. That means that on the encrypted USB drive there is ONLY ENCRYPTED DATA and nothing else. This also will help against attacks on which the boot folder could become changed or the decryption-software is exchanged to a version including kind a keylogger or what ever. The unencrypted part of the USB drive is for sure a vulnerability. Was it possible to seperate the unencrypted stuff onto another dongle-usb-key which chainloads into the encrypted USB drive? Also the whole encryption/decryption software (including the keys which also have to be stored somewhere?!?!) should be on that dongle USB. Let's assume we are working with USB 3.0 and speed doesn't matter. How could that function? Thanks for your input, whitenoise Edited September 26, 2013 by whitenoise Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.