[liberationtech] Privacy in Ubuntu 12.10
Micah Lee
micahflee at riseup.net
Thu Nov 8 11:34:05 PST 2012
On 11/08/2012 05:18 AM, Niels ten Oever wrote:
> Dear Micah,
>
> Small correction to your piece: Selecting full disk encryption in the
> installer GUI was already possible in Ubuntu 12.04.
>
> The explanation wasn't as clear as it is now though.

Before 12.10 the Ubuntu GUI installer only let you set up home directory
encryption using eCryptfs, which is different than full disk
encryption. This option is still there in 12.10, and you can choose to
use it as well as full disk encryption if you want (I can't see how it
could help though).

With eCryptfs home directory encryption, all of the individual files in
your home folder get stored encrypted on the disk, but a lot of data
about your files still gets leaked. The directory structure, file size,
timestamps, etc. don't get encrypted, only the contents of the files.
And it's also only your home directory that gets encrypted, not your
whole disk. So for example, if you have any MySQL databases on your
computer, that data gets stored in /var/lib/mysql and therefore won't
get encrypted. When you're not encrypting your whole hard drive, "evil
maid" style attacks become much easier. If someone gets physical access
to your computer for just a couple minutes, they can boot to a live CD
and replace your /usr/bin/ssh or /usr/bin/gpg with malicious versions.

The full disk encryption that's offered in 12.10 uses LUKS and differs
in many ways from eCryptfs home directory encryption. It creates full
encrypted file systems, which means that no metadata about the files on
your computer gets leaked. The key that's used to unlock the LUKS
partitions is encrypted with a separate passphrase that isn't your user
password, and you have to enter this each time you boot your computer,
which is more secure since user passwords tend to not be long passphrases.

--
Micah Lee
https://twitter.com/micahflee
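
Added example, not part of the original message: a small audit that reports whether the paths named above (/var/lib/mysql, /usr/bin/ssh, /usr/bin/gpg) sit on a dm-crypt mapping, given output shaped like `lsblk -J -o NAME,TYPE,FSTYPE,MOUNTPOINT`. The two device layouts, the /home/user path and the function names are constructed for illustration; the check covers the block layer only, so an eCryptfs home directory (a stacked filesystem) does not show up in it.

```python
import json

# Constructed sample shaped like `lsblk -J -o NAME,TYPE,FSTYPE,MOUNTPOINT` output.
# Layout A: home-directory-only encryption, root filesystem on a plain partition.
HOME_ONLY = json.loads("""
{"blockdevices": [
  {"name": "sda", "type": "disk", "fstype": null, "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "fstype": "ext4", "mountpoint": "/"},
    {"name": "sda2", "type": "part", "fstype": "swap", "mountpoint": "[SWAP]"}]}]}
""")
# Layout B: full disk encryption, a LUKS container holding LVM volumes.
FULL_DISK = json.loads("""
{"blockdevices": [
  {"name": "sda", "type": "disk", "fstype": null, "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "fstype": "ext2", "mountpoint": "/boot"},
    {"name": "sda5", "type": "part", "fstype": "crypto_LUKS", "mountpoint": null, "children": [
      {"name": "sda5_crypt", "type": "crypt", "fstype": "LVM2_member", "mountpoint": null, "children": [
        {"name": "ubuntu-root", "type": "lvm", "fstype": "ext4", "mountpoint": "/"},
        {"name": "ubuntu-swap_1", "type": "lvm", "fstype": "swap", "mountpoint": "[SWAP]"}]}]}]}]}
""")
PATHS = ["/home/user", "/var/lib/mysql", "/usr/bin/ssh", "/usr/bin/gpg"]

def mounts(nodes, encrypted=False):
    """Yield (mountpoint, on_dm_crypt) for every mounted node in the lsblk tree."""
    for n in nodes:
        enc = encrypted or n["type"] == "crypt"  # everything below a crypt node is covered
        if n.get("mountpoint"):
            yield n["mountpoint"], enc
        yield from mounts(n.get("children", []), enc)

def covered(tree, path):
    """True if the filesystem holding `path` is stacked on a dm-crypt mapping."""
    table = dict(mounts(tree["blockdevices"]))
    hits = [m for m in table if m.startswith("/")
            and (path == m or path.startswith(m.rstrip("/") + "/"))]
    return table[max(hits, key=len)]  # longest matching mountpoint owns the path

def report(tree, paths):
    return {p: covered(tree, p) for p in paths}

if __name__ == "__main__":
    for label, tree in (("home-only", HOME_ONLY), ("full-disk", FULL_DISK)):
        for path, enc in report(tree, PATHS).items():
            print(f"{label:10} {path:16} {'dm-crypt' if enc else 'plaintext at block layer'}")
```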