U.S. Constitution – Amendment 4
Amendment 4 – Search and Seizure
“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
“Let them track my phones whereabouts, I have nothing to hide”.
“Let them read my email I have nothing to hide”
“Let them search my car I have nothing to hide”
“Let them search my house, kill my dog and scare the hell out of my kids, I have nothing to hide”
Does this irritate you? Do you get angry when a person you are talking to ignorantly blurts out “I have nothing to hide” and chuckles nervously? Well my friends you have met a freedom freeloader. Someone who relies on everyone else to protect their freedom and or someone who won’t lift a finger to preserve freedom they enjoy living under.
Today we are going to cover “whole disk encryption”. Truecrypt makes an awesome product that is free and will encrypt a file, group of files or a complete hard drive. The advantage of encrypting an entire hard drive is this. Most modern operating systems leak data to the hard drive when in use. Every time you do something on a computer that leaked data gets smeared all over the entire hard drive, you cannot stop it. Also the OS itself keeps track of everything you do. Not to mention every program you use keeps track of what you do. Needless to say your tracks are scattered all over the drive. If you encrypt the whole drive and shut the computer off then no one can examine the drive for the “leaked data”. Unless they force you to give them the key in which case TC has a system hidden inside a system of encryption that will be lesson two and we are not covering that in this phase. England has made it illegal to encrypt your drive and not turn over the key. Glad I don’t live there.
Before I go on I want to discuss passphrases. What’s a passphrase? A passphrase is a longer password. Let’s take a look at two passphrases and you tell me which is more secure.
It’s a trick question right? Nope! The longer is exponentially more difficult to brute force crack. Which one is easier to remember? This technique is called “hay stacking a needle” In this case the needle is your passphrase. Test your passphrase strength here. (https://www.grc.com/haystack.htm) Here is the time it would take a government computer array to crack both passphrases.
1.) Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second)6.22 thousand trillion trillion trillion centuries ( 1.96 x 1063)
2.) Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second)5.07 hundred billion trillion trillion trillion centuries (1.59 x 1071)
So if you are like me and don’t want anyone reading your computer because its none of their business and you like being secure in your papers and possessions then whole disk encryption is the answer.
Steps to take to whole disk encrypt…
1.) Download truecrypt (http://www.truecrypt.org/downloads) (Linux, Windows, Mac)
2.) Install TC (make sure you back up your stuff first just in case)
3.) Get a burnable cdrom ready because TC will ask you to burn an emergency ISO to it for drive recovery in case something happens and the drive wont boot. Do not worry the password is still needed to decrypt the drive even with the bootable cdrom.
4.) Open TC and go to “system” “encrypt system/partition drive”
5.) Encrypt windows system partition (if you have windows)
6.) Single boot (if you only have one operating system)
7.) Options –> AES / RIPEMD-160
8.) Hay stacked passphrase at least 30 characters long, simple but long is much better than short and difficult to remember
9.) Collecting data wiggle mouse around to create pool content
10.) Keys generated…next
11.) Rescue cdrom creation insert disk and burn then verify
12.) Burn disk
13.) Verify disk
14.) Wipe mode (none)
16.) Test complete (I think it asks to reboot either here or after this step)
17.) Encrypt drive (I think it asks to reboot either here or before this step)
18.) Done after a few hours