i use the password at boot thing for my netbook because of security and i was wondering if there was any way that if after three guesses on a single password it formatted the drive? it would just help for security
is there any wat that its possible?
Well I suppose you could rewrite grub (that boot thing) but how does this help? No one that wants your data would simply boot the drive they would simply mount it on another machines and read it.
Ok you could encrypt the drive but then if you would ever happen to forget the password or if the drive starts to go bad…poof no more data no hope of recovery. Security is a two edged sword.
yeah i see your point but i keep my data on my server as well so i wouldn’t be losing anything but no one would be able to get to my data and about the encryption thats what i have so it is harder to get to my data but not impossible thats why i wanted to do a 3 trys and no more data then it would be kept ‘safe’ well actually just destroyed but its ok because i sync my pcs every morning and evening so everythings the same
AFAIK there is no simple configuration but this is open source so you can take the source code and do it how you want. If you don’t know how to program you could hire someone that does.
But let use say that someone with knowledge gets the machine and really wants that data. He is not going to try and hack the password on the machine. He is going to image the drive and work with the cloned data to break the cypher.
IMO this is just false security. If someone has the machine he owns it.
If it is some idiot that gets the machine he won’t break the code or cypher so you are safe only from idiots.
So the real question is how valuable to someone else is this data?
On 2010-08-22 04:40, theacerguy wrote:
> yeah i see your point but i keep my data on my server as well so i
> wouldn’t be losing anything but no one would be able to get to my data
> and about the encryption thats what i have so it is harder to get to my
> data but not impossible thats why i wanted to do a 3 trys and no more
> data then it would be kept ‘safe’ well actually just destroyed but its
> ok because i sync my pcs every morning and evening so everythings the
You don’t understand the issue.
If somebody wants your data and gets physical access to your computer, the first thing they would do
to get the data, once they see the password on the screen, would be to power off your computer by
removing the cable - so no chance to reformat it. Then they open the computer, remove the hard disk,
and clone it using their own software - not yours.
We are not inside a (cheap) Hollywood movie.
Once they have the copy, they would work on a second copy, so that if they destroy it, they copy it
again - using their software, not yours.
From that point, if they have the resources and the interest, they could have a go at the password,
and if this fails, a go at breaking the cipher.
You might think of using the manufacturer cipher/password (see man hdparm). This is harder, the disk
does not allow copying the disk without the password. But the “bad guys”, or the “good guys” from
the goverment agency, may have access to special hardware, like swaping the plates from the disk
onto another disk which they can control and use to read the data, hopefully (for you) encrypted.
How hard is that encription? No idea.
Your only real chance at destroying the data in time would be the password, perhaps, and a physical
“bomb”, wired inside the hard disk, that would fire a hard magnetic pulse inside the metal cover,
triggered from an internal power source, when someone removes the cable or does something your
ingenuity can devise. I can not, I don’t know how to do such a thing.
I’m sure a real security expert, with enough knowledge and paranoia, could devise systems harder to
decode and break. Like, for example, a cypher dependent on sector position, perhaps, so that image
copy does not work. Or a raid like setup, with one disk the cipher, another the data.
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))