Deniability - Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service) - to be improved #33

Open
opened 2024-09-17 21:04:32 +02:00 by nihilist · 1 comment
Owner
No description provided.
nihilist added this to the OPSEC Tutorials (paid contributions) project 2024-09-17 21:04:32 +02:00
nihilist added the
Complex
label 2024-09-23 10:42:08 +02:00
Author
Owner

to be explained:
-threat model: an adversary busting down your door, and taking 10 seconds to sprint to your bedroom, where your PC is.
-what needs to be setup: when the adversary is at your computer, there must be no trace at all of your sensitive VMs, no logs, no processes, no RAM data, and the VC volume must be closed. In short, there needs to be a QUICK way of closing the hidden volume(s), with a simple shortcut

to be showcased:
-emergency shutdown script (as shown here:https://blog.nowhere.moe/opsec/physicalsecurity/index.html (CTRL+F emergency shutdown setup)) but that can be run by a regular user, NOT JUST BY THE ROOT USER, no time to type a password here
image

-from there, showcase how you can setup a cinnamon shortcut to run that script with a key combination
-from there showcase how you can AUTOMATICALLY run the script upon pressing the poweroff button of your computer (using systemd?)

-how to do run the same script, but on a local server (at the end of the emergency script, "ssh hostA /root/emergencyshutdown.sh & ssh hostB /root/emergencyshutdown.sh" >> in case if you have other hosts AT HOME that are in veracrypt hidden volumes

to be explained: -threat model: an adversary busting down your door, and taking 10 seconds to sprint to your bedroom, where your PC is. -what needs to be setup: when the adversary is at your computer, there must be no trace at all of your sensitive VMs, no logs, no processes, no RAM data, and the VC volume must be closed. In short, there needs to be a QUICK way of closing the hidden volume(s), with a simple shortcut to be showcased: -emergency shutdown script (as shown here:https://blog.nowhere.moe/opsec/physicalsecurity/index.html (CTRL+F emergency shutdown setup)) but that can be run by a regular user, NOT JUST BY THE ROOT USER, no time to type a password here ![image](/attachments/1f8eacbc-147b-4f95-b2a3-b7a487e235bd) -from there, showcase how you can setup a cinnamon shortcut to run that script with a key combination -from there showcase how you can AUTOMATICALLY run the script upon pressing the poweroff button of your computer (using systemd?) -how to do run the same script, but on a local server (at the end of the emergency script, "ssh hostA /root/emergencyshutdown.sh & ssh hostB /root/emergencyshutdown.sh" >> in case if you have other hosts AT HOME that are in veracrypt hidden volumes
nihilist changed title from Deniability - Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service) to Deniability - Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service) - to be improved 2024-09-23 14:46:14 +02:00
nihilist added the
To be improved / simplified / finished / fixed
label 2024-10-01 20:01:15 +02:00
Sign in to join this conversation.
No Milestone
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: nihilist/blog-contributions#33
No description provided.