Best Practices - Encrypted ext drive/SSD/USB Flash

Hopefully some more knowledgeable here can assist me...

My setup: I use a live Ubuntu distro that I boot via USB. I have two external drives I use with this system, one is an external SSD drive, the other is a 2.5 inch 500gb USB external.

Both of these external drives have been fully encrypted using truecrypt, and incorporate hidden containers.

I'm looking for holes, basically. The linux system uses the ram, and I open the external drives using that distro. Of course, I always unmount the encrypted drives before powering linux down.

A. Any security issues re: the linux distro being on a USB drive? The OS itself is not persistent, but are there issues with boot flash drives and data fragments/retention?

B. The ext drives - as the entirety of the drive is encrypted, I'd assume that includes all fragments, etc. Any issues I should be aware of? If someone grabs the drive after accessing it a lot using the live linux distro, what are the forensic downsides (if any). If there are specific issues with the SSD vs 2.5 external drive approach, I'd appreciate any information you can give me.

I'm familiar with privacy issues as they relate to Windows and normal HDDs. SSD/Flash is new to me from that perspective, particularly when adding in the encryption and access from live linux. I've also used live cd's in the past, but USB is pretty handy, particularly with netbooks, and I'm not sure if that creates security issues in terms of writes to the USB drive while using the linux distro.

I'm trying to establish a best practices system with my setup. In my old roadwarrior setup, I kept to windows and vms, and scrubbed drives using Wipe and Clean or the like, along with various and sundry. I don't really know what (if any) actions need to be taken with my setup.

Apologies for the shotgun post/requests, and thanks in advance for any help given.

 

Your current setup is much more secure. Erasing or "scrubbing" files after they've been written to the drive in plaintext does not work. Your only options are either encrypt everything or wipe the complete partition. This applies more so to flash memory (you can't overwrite a specific file at all because of wear leveling), but to hdds too because of defragmentation, swap, slack, journaling, other FS features like MFT and VSS, temp files/registry and so on.
If you use encryption flash vs magnetic memory doesn't matter. Under the presumption that the used algorithm and implementation as well as your passphrase (!= pass_word_ ) is strong you are equally safe.

These are the only issues I can think of, some more, some less theoretical depending on your paranoia and adversary model:

Something is accidentally (bug, user error) written to the usb drive or to to the external drives outside the encrypted containers, partition level encryption would mitigate this (if I understand it correctly that's already the case but I wasn't sure from your wording)
The output of df and /etc/mtab would be helpful to verify if the usb stick is really mounted read only.

Truecrypt is backdoored/unsafe, the PRNG for example would make a nice target...
An option would be to stack two different encryption systems like cryptsetup for the partition and TC containers on top.

Your system gets hacked
Keep everything patched, use an access control system, "don't be stupid"

Evil maid attack, side channel attacks...
Keep the usb drive somewhere safe, don't immediately leave the computer after powering down (data remanence in RAM), don't sit with the back to a window (or even facing it, I've heard it's possible to read the screen through reflections on the pupils and other reflecting surfaces...)
For an overview on more attack vectors see wikipedia

Hardware keylogger
most are easily detectable but they can also be built right into the motherboard

Network attacks
if you connect to an untrusted network use encryption (tsl, vpn, ssh) and be wary of MITM.

Sure I forgot something
Now I should add again that it really depends on your threat model what kind of issues above you'd need to worry about. For a lot of cases what you have right now is already sufficiently secure out of the box.

 

Proof?

 

We're in the realm of twilight zone and James Bond, no proof needed.
Mrk

 

That is not what I have read about Truecrypt. They repeatedly state on their FAQ (http://www.truecrypt.org/faq) that there is no backdoor.

 

Was it really that misleading?

To paraphrase:
"In the - highly unlikely - case that there was a backdoor OR implementation error for example in the PRNG..."
Should be really obvious from the context... ("would" is another giveaway)

Mrk, I know your stance on these matters. What more do you expect me to do?
I explicitly used the terms theoretical and paranoia and stated the current setup is actually "good enough" for most _practical_ cases.

I also have to add that all the attacks I mentioned are all real and don't have much in common with "Hollywood science". Can't we discuss them here without constantly being reminded of the obvious?
Thanks.

And lol at giving the faq of a product as a source for such matters. Code reviews, scientific papers, cryptanalysis, that's the kind of thing to cite here. I don't have any at hands, hence you won't hear any definite claims in either direction. I merely mentioned a possibility (which has been proven through history that it's not all that unlikely as you would wish it to be).

 

katio, when you say a product is backdoored - prove it. Be a science man. Otherwise, you're playing Mel Gibson in the Conspiracy Theory. For instance, the window thing. What if he lives on fourth floor? What if he has drapes? What if the monitor is angled upwards? Can you point out a study that shows memory contents can be collected from a powered off dimm without using liquid nitrogen and doing it in a controlled lab?

My stance is not about theory or paranoia, especially not the second, cause you can't argue with paranoia, hence the term - fear or mistrust against all plausible evidence.

When you say good enough, everything is true within certain limit, down to quantum levels. So is his setup good enough? What does that mean? What's the error? Planck time? Quantum fluctuations in the flash? Black hole entropy? Casimir effects between disk places? See where I'm going.

For all practical purposes, encryption. period. any. period. good password. period. end of discussion. It's as simple as that. We can go for juicy scenarios, but it would not be fair toward less knowledgeable people who take these things seriously. We need to sow panic responsibly.

Just food for thought.

Mrk

 

Thanks for the considered replies. I actually answered one of my own questions last night by removing the hdd from my laptop and booting Ubuntu from USB. There I was, watching movies and editing documents on a (hard)driveless machine.

Yeah. So that was pretty cool. I felt like I was sitting on the moon. Difficult to do in this day and age, surrounded by things that are constantly taking our temperature.

I do full drive encryption, with the drives as a single partition. I'm not worried about Truecrypt for my needs. I'm more concerned about leaving data behind that can be picked up later. If I lose any of the drives, I don't want some hacker, er, "highly knowledgeable individual" to be able to recover identifying information, be it file fragments or system network history.

Based on that, it seems my only unanswered question is really about the Live USB drive. I've verified the Linux system itself is not persistent. The question would be, what about the free space on the USB drive outside the Ubuntu install? Would Ubuntu be writing any data to that, for any reason?

This is the only real area of weakness I can see, as it's really a hassle (too much so for my needs) to make a bootable USB that's also encrypted. It requires a full install to the USB and a lot of hoops to jump through. There is a USB stick out there that you unencrypt physically by entering a pin using a keypad on the stick itself. That's a solution for encrypted, bootable, even persistent, if you like. But it's expensive (for a stick) which goes against my own threat-model (losing the stick).

Appreciate the answers, really. I'm going to stay out of the Truecrypt debate. Though the idea of using two sets of encryption software in tandem is interesting. Perhaps the best model would be to use a commercial version for one and TC for the other. That reduces the likelihood of cooperation between the two entities, as they operate in entirely different arenas. This is the best way to analyze threat models of this nature, in my opinion. How many hoops would someone have to jump through? Unless your adversary is governmental or multinational (and in some exact cases, possibly even then), even the most persistent adversary (excellent PI with an international PI firm, for example) is going to give up on getting at that data.

So for me, encryption is really about keeping that type of person, or the accidental discoverer (lost USB) from getting at my information. Jockeying levels of software usage and using them in tandem would seem to me to add protection, as the commercial entity is going to be reluctant to admit any backdoor, and would probably (advisedly, from a legal standpoint) simply not build one in. Why deal with the legal hassle?

Anyway, thanks.

 

Mrk mentions one side of the medal "sow panic responsibly" which is a good point and I hope I didn't come across washing it away with levity.
The other side is "false sense of security". While (file system) encryption got you covered it's not an answer to everything.

One major point is the already mentioned network security. When you say "system network history" I understand you mean locally stored logs, but encryption doesn't stop there it goes beyond the system and applies to the network as well.

As for your "unanswered question", I already did. See above, or type:
more /etc/mtab
and post the output.

 

Okay, so what's the big deal? Simply delete your browsing history at the end of your sessions and don't leave anything personal on unencrypted space.

No.

Why not just create an encrypted file container in the free space of the USB stick? Truecrypt includes this feature. IMO you're far more worried than you need to be and over-complicating things in the process. Take Mrk's comments to heart.

 

I get where you're coming from, but - respectfully - I don't think you can really make that call without knowing all the specifics of my situation. There are various reasons a normal Joe-schmo like myself could be concerned with drive forensics deeper than clearing my browser cache. The scenarios below aren't my personal ones, but they could be someone's.

A. My wife is an uber computer geek who works for a data recovery company. She's also insanely jealous. So I use Ubuntu, in this example, to view my pron and keep the peace.

B. I'm a journalist operating in corrupt areas of the world, and have a need to keep information private.

C. I'm rich and have many enemies.

None of the above require me to be on the run, engaged in criminal acts or in the cross hairs of triple-letter organizations. All of them might require me to assume non-governmental, yet worthy adversaries.

Having said that, I apologize if I made it seem complex. I think that's just my own lack of know-how coming through - Linux is a brand new beast for me. In reality, it's pretty simple: ubuntu on usb, boot to system. Interact with fully encrypted external disk only while in the usb system. That's the long and short of it.

My questions, which have been ably answered, were basically:

A. Will Ubuntu in ram still somehow write to my HDD? The answer is clearly no. I took the HDD out and it worked just fine.

B. Will access of the external drive while unmounted "do something" to leave evidence behind on the external drive? The answer is no, and it was a pretty stupid question on my part, so my apologies. The drive is encrypted, ssd or not.

C. Will Ubuntu write outside the file system to the free space on the USB? Apparently, no, as it writes to ram. Katio, I reviewed your original and detailed reply to my OP. I did miss that, sorry. I'll run that later tonight and post it up. I have to say though, upon further consideration, formatting the drive after any use where security is concerned makes the best sense. Why not? It takes 10 minutes to create a new one from an ISO image, which can be carried around on your laptop.

Still, if I could comfortably eliminate even that, I'd be happy.

Hopefully, none of the above comes off in the wrong tone. No offense taken or intended by anything posted thus far. I appreciate the assistance. The whole subject of digital privacy covers SO many fields and topics that you really have to decide what you're going to become an "expert" in. I'm trying to assemble the machine, and it's completely new to me, and there are parts I'm just not going to try and grok at any deep level.

 

No offense at all and certainly no stupid questions either It's just that it's so common to see people in these forums getting over worked up with their security approach, and as a result go overkill with it. Most of us, myself included, have been down that road before, but in my case I eventually settled on an approach that mostly utilizes what's already built-in to the O/S (Windows in my case, as I only dabble in Linux every so often). Anyway, as you've explained your situation, you do indeed from the looks of things stand to lose more than the average joe, but I do feel the Linux-on-a-stick approach will work well, and also in cases where you don't need to keep data saved, the bootable cd as Mrk mentioned could serve well. I know that when I used Knoppix and Mint on a USB, I was able to allocate some disk space for persistent data, and it worked rather well; for example, I could update the distro and all updates were there when I re-booted, so you may want to be wary of this functionality where sensitive data is concerned. However, if you can create an encrypted file container with a very strong password, and you are diligent about moving your sensitive data to it before closing, then you've probably got nothing to worry about. Hopefully you eventually arrive at a setup you are comfortable with

 

Non sequitur. Or I'm misunderstanding your reasoning.
But as with your question C. you can easily verify this by looking at what partitions are mounted and in which way they are mounted.
Ideally you'd have all unencrypted partitions mounted "ro" and only encrypted partitions mounted writable. However even if that's not the case depending on what sort of directories we are talking about (some knowledge of FHS is required) I'm sure no sensitive (i.e. non system) files are going to be written to non-encrypted partitions with you current setup. That is assuming there's no rogue software running on the system but then you'd have bigger problems to worry about.
Therefore besides securing your network I also suggest sticking to official repos and tested apps to minimise any software based attack vectors.

Anyway the software risk is a low one and the only reason I mentioned this at all is the thousand times more likely user error: The one where you absentmindedly or inadvertently write sensitive stuff outside the encrypted containers...

 

Thank you both for your assistance and patience. I think that phrase - "sow paranoia responsibly" - is great. I've been down the less responsible road, too, and not only is it unnecessary, it's just no fun. I spent a month once, as an experiment (and a bet) between myself and some friends, adhering to the most crazed and stringent uber-paranoid practices in terms of internet, hard disk, encryption, etc, etc, etc.

The result? Life was insufferable. : ) It was an educational experience, so I understand the balance and am always looking for mine.

Katio, I ran that command, and here's the result:

aufs / aufs rw 0 0
none /proc proc rw,noexec,nosuid,nodev 0 0
none /sys sysfs rw,noexec,nosuid,nodev 0 0
none /dev devtmpfs rw,mode=0755 0 0
none /dev/pts devpts rw,noexec,nosuid,gid=5,mode=0620 0 0
/dev/sdb1 /cdrom vfat ro,noatime,fmask=0022,dmask=0022,codepage=cp437,iocharset=
iso8859-1,shortname=mixed,errors=remount-ro 0 0
/dev/loop0 /rofs squashfs ro,noatime 0 0
none /sys/fs/fuse/connections fusectl rw 0 0
none /sys/kernel/debug debugfs rw 0 0
none /sys/kernel/security securityfs rw 0 0
none /dev/shm tmpfs rw,nosuid,nodev 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
none /var/run tmpfs rw,nosuid,mode=0755 0 0
none /var/lock tmpfs rw,noexec,nosuid,nodev 0 0
none /lib/init/rw tmpfs rw,nosuid,mode=0755 0 0
binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc rw,noexec,nosuid,nodev 0 0
gvfs-fuse-daemon /home/custom/.gvfs fuse.gvfs-fuse-daemon rw,nosuid,nodev,user=c
ustom 0 0

I really don't understand much of the above... There is an HDD on this particular laptop, containing a Windows install. The HDD shows up in Ubuntu file browser and disk utility, but it is not mounted. There are two icons for this disk in the File Browser. One says "320 GB Hard Disk: Acer" and the other says "320 GB Hard Disk: SYSTEM RESERVED".

Unless I'm missing something (always possible) it would seem I'm good as regards the laptop HDD, yes? It's not even mounted inside Linux.

One day this will all be irrelevant. True, independent virtualization (the completely sandboxed kind) will come around, sooner or later. Then you'll be able to do things like Full System encryption with a hidden OS inside a VM.

I can dream.

 

Everything as expected. All the rw FSs are mounted in RAM. Unless you manually mount additional partitions no changes will survive a reboot.