Deniability - Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service) - to be improved #33

New Issue

nihilist · 2024-09-17T21:04:32+02:00

nihilist commented

2024-09-17 21:04:32 +02:00

No description provided.

nihilist added this to the OPSEC Tutorials (paid contributions) project 2024-09-17 21:04:32 +02:00

nihilist added the

Complex

label 2024-09-23 10:42:08 +02:00

nihilist commented

2024-09-23 12:24:47 +02:00

to be explained:
-threat model: an adversary busting down your door, and taking 10 seconds to sprint to your bedroom, where your PC is.
-what needs to be setup: when the adversary is at your computer, there must be no trace at all of your sensitive VMs, no logs, no processes, no RAM data, and the VC volume must be closed. In short, there needs to be a QUICK way of closing the hidden volume(s), with a simple shortcut

to be showcased:
-emergency shutdown script (as shown here:https://blog.nowhere.moe/opsec/physicalsecurity/index.html (CTRL+F emergency shutdown setup)) but that can be run by a regular user, NOT JUST BY THE ROOT USER, no time to type a password here

-from there, showcase how you can setup a cinnamon shortcut to run that script with a key combination
-from there showcase how you can AUTOMATICALLY run the script upon pressing the poweroff button of your computer (using systemd?)

-how to do run the same script, but on a local server (at the end of the emergency script, "ssh hostA /root/emergencyshutdown.sh & ssh hostB /root/emergencyshutdown.sh" >> in case if you have other hosts AT HOME that are in veracrypt hidden volumes

to be explained: -threat model: an adversary busting down your door, and taking 10 seconds to sprint to your bedroom, where your PC is. -what needs to be setup: when the adversary is at your computer, there must be no trace at all of your sensitive VMs, no logs, no processes, no RAM data, and the VC volume must be closed. In short, there needs to be a QUICK way of closing the hidden volume(s), with a simple shortcut to be showcased: -emergency shutdown script (as shown here:https://blog.nowhere.moe/opsec/physicalsecurity/index.html (CTRL+F emergency shutdown setup)) but that can be run by a regular user, NOT JUST BY THE ROOT USER, no time to type a password here ![image](/attachments/1f8eacbc-147b-4f95-b2a3-b7a487e235bd) -from there, showcase how you can setup a cinnamon shortcut to run that script with a key combination -from there showcase how you can AUTOMATICALLY run the script upon pressing the poweroff button of your computer (using systemd?) -how to do run the same script, but on a local server (at the end of the emergency script, "ssh hostA /root/emergencyshutdown.sh & ssh hostB /root/emergencyshutdown.sh" >> in case if you have other hosts AT HOME that are in veracrypt hidden volumes

image.png

98 KiB

nihilist changed title from ~~Deniability - Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service)~~ to Deniability - Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service) - to be improved

2024-09-23 14:46:14 +02:00

nihilist added the

To be improved / simplified / finished / fixed

label 2024-10-01 20:01:15 +02:00

Sign in to join this conversation.