Am 30.04.2016 um 14:01 schrieb Xen:
Daniel Bauer schreef op 30-04-2016 10:23:
As on the phone it was possible to simply plug an usb-cable to get full access to all it's contents even if it's "locked" (not completely switched off) with the default USB-settings, my question is:
- Provided somebody has physical access to my computer and could plug a cable, is there a similar possibility to access files on my LUKS-encrypted computer without the need of giving a password, while logged out or having screen locked with password?
They would need to hack the usb device driver through the USB device. The chances of that are extremely extremely remote, but possibly not beyond the realm of all possibility.
Concrete: somebody steels my encrypted laptop that is running, but the screen is locked by KDE. Can he get my files without knowing the pwd?
They have to keep your laptop running until they can freeze the memory with liquid CO2 or something similar
thats really cool :-)
and then take the RAM out or gain access to onboard RAM within maybe an hour and then copy the contents with another device, then search for the LUKS keys in memory.
I'm sure some people can (read, law enforcement) but ordinary people won't be able to do anything with it. Regular law enforcement will also not care about it or know about it and they will just let the thing run out of battery or whatever.
I don't care about official authorities, they can ask me for the password and I'll give it to them, no problem, as I guess they are not interested in stealing my bank account or publish private photos of my clients or blackmail them :-)
Unless you are a high profile target they know about in advance, it won't happen. Regular police would just arrest you, then send the laptop off for investigation, and days to weeks later they find out the entire thing was encrypted.
Most risky part would be leaving a (root) terminal open in a TTY (ctrl-alt-F2, for instance) because KDE DOESN'T LOCK THAT :D.
So if you want to be sure, don't leave TTY terminals open, and then there is hardly any risk (or not at all).
Alternatively someone would need to hack running services. Any sshd, httpd or similar could potentially be hacked. So if your adversary is very keen on those things he/she needs to keep the laptop running long enough to do that.
A regular airport thief won't be able to, I'm sure (but what do you know?). For that to happen there'd have to be some level or organized network and the airport thief instantly sells the laptop to someone else who has more resources.
Yeah. Well. All in all freezing the memory is the most likely effective course of action. But nobody is going to be interested in that except law enforcement unless you are a very special person that people have an eye on.
I am a special person, at least I feel so, and there are some that have an eye on me, but in a manner that I like :-)
Suppose you have enemies in the business world and you carry trade secrets with you? :P. I don't know. Someone might :p.
No, nothing special. I am just responsible not to give access to anybody to images I take from my clients. And of course I don't want to give access to my bank account, my websites admin, my e-mails... and would like to keep my private things private. That's all.
It is not beyond the realm of possibility. But. It depends on who steals your laptop and for what reason.
....lol?
:). I guess stranger things happen in life but ordinarily it can't happen.
-- Daniel Bauer photographer Basel Barcelona http://www.daniel-bauer.com room in Barcelona: https://www.airbnb.es/rooms/2416137 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org