[Resloved] Full Disk Encryption

www.truecrypt.org states that Linux is supported so long as you have either 2.4 or 2.6 kernel.

I've never used the program or heard of it before now; I would search their website for tutorials on how to get it working on Linux.

I'm sorry I can't be of more help to you, but I hope you solve your problem soon.

Ohhhh, I'm sorry I didn't understand that part at first.

BestCrypt apparently uses pre-boot authentication, doesn't that mean you would be as protected as if you were using whole drive encryption on Windows? The computer apparently can't even run the bootloader right? Or am I mistaken?

Also, try looking through these, which I haven't really done but you might find some help:

http://ubuntuforums.org/showthread.php?t=716161
http://ubuntuforums.org/showthread.php? … encryption

Also from the Ubuntu forum:
..."The easiest way to set up full-disk encryption  is to do it when first installing your system.

This can be done by using the Alternate CD instead of the Live CD and selecting 'Install with encrypted LVM' at the partitioning stage."

Now, the problem is that this advice is specifically for Ubuntu...

I recall some people talking about using a script to turn a minimal Ubuntu installation into #! 9.10; if you're using the alpha Statler then there's a problem.

Last edited by Schadt91 (2010-07-13 02:25:08)

Do let us know what you find out, and if you try it let us know how it works out; I'm sure you're not the only one here with an interest in the subject.

I have 100% no experience with LVM what so ever, but I have seen that statler has the option at install to use LVM's as well.

Second thing what is so safe that I don't use it: bios or boot password. (I'm so damn scared that I forget it )
A friend of mine has it, and before you get the bootscreen of the bios itself (probably th elogo of your brand of pc) you have to insert a password, if you don't have that password you can't do anything with the pc, except for turning it back off.

Edit: Typing to slow and much, exactly what pvsage says

Last edited by Andreas (2010-07-13 05:02:53)

true but once you have physical access, full access is just a matter of time what ever you do, a bios password is more protection than you are likely to see on most computers, and likely to set the bar high enough to deter most would be hackers, if they are willing to remove the battery, theyre willing to remove the harddrive for decryption later on.

The OP already knows that. Thats why he wants full disk-encryption like is possible with Truecrypt on Windows.

I did remember that BIOS can (or at least could) be cleared by popping the battery; I wasn't sure if newer BIOS chips had some less volatile media.  When I learned about the pop-the-BIOS-battery-to-clear-the-password trick, Intel was still recovering from the floating point math glitch in the original Pentium, so some of my knowledge is dated.

Is BIOS still powered by a button cell?

All modern motherboard clear BIOS setting with jumpers.
This is to provide recovery if a BIOS firmware update goes bad or it is in some way corrupted.

@jackbang
You can hack the password on Thinkpads. There are three types of passwords on the Thinkpad. The power on password (POP) which is reseted by removing the backup battery. The HDD password. And the Supervisor password (SVP).
The supervisor password is stored in the dedicated security chip you are talking about.
If you have a Thinkpad that is not too new, you can read the security chip via a simple interface. I just did this yesterday with an older Thinkpad R40. Check this page:
http://sodoityourself.com/hacking-ibm-thinkpad-bios