Posts: 1 · Comments: 107 · Joined: 1 yr. ago

  • What’s your end goal here?

    Incoming XY problem.

    I want to prevent myself from reinstalling my system. The trick I came up with involved the use of files that couldn’t be disk cloned. However, if it’s far far easier to accomplish it through other means, then please feel free to enlighten me on this.

    You try to keep files just on that one media without any options to make copies of them?

    Yes.

    Or maintain an image which has enforced files at their directories?

    No, not necessarily.

    And against what kind of scenarios?

    Protecting myself from myself. That's where the password requirement comes in: I can send a delayed message to myself that holds the password. The end result shouldn't in the absolute sense prevent full access for always. Unlocking the protection should be possible and should require the involvement of the earlier mentioned password that is received through a delayed message. That way, those files can be accessed eventually, but only after I had intended to.

    ACLs and SELinux aren’t useful as they can be simply bypassed by using another installation and overriding those as root

    Excellent! I didn't know this. Thank you for clarifying this for me!

    Only thing I can think of, up to a degree, is to use immutable media, like CD-R, where it’s physically impossible to move files once they’re in place and even that doesn’t prevent copying anything.

    The files should remain on the same disk that I run my OS from. So, unfortunately, this doesn't quite help me. Thank you regardless!

  • Ok, I’m still not clear on exactly what you’re trying to achieve as I can’t quite see the connection between somehow preventing certain files being duplicated when cloning the disk and preventing yourself from reinstalling the system.

    Premises:

    • Very important files on disk (somehow) protected from copy/mv/clone whatever.
    • Reinstalling my OS wipes the disk.

    Therefore, I would lose those very important files if I were to attempt a wipe. If said files are important enough for me to reconsider wiping, then the act of protecting them from copy/mv/clone has fulfilled its job of preventing me from reinstalling the OS.

    Bear in mind that reinstalling the system would replace all of the OS, so there’s no way to leave counter-measures there, and the disk itself can’t do anything to your data, even if it could detect a clone operation.

    I understand.

    If what you’re trying to protect against is someone who knows everything you do accessing your data, you could look to use TPM to store the encryption key for your FDE. That way you don’t know the password, it’s stored encrypted with a secret key that is, in turn, stored and protected by your CPU. That way a disk clone couldn’t be used on any hardware except your specific machine.

    Very interesting. A couple of questions:

    • Is it possible to only protect a set of files through this? So not the entire disk?
    • Does TPM get flushed/randomized on OS reinstall?
  • If you could be a bit more specific about your threat model people may have better ideas to help.

    Threat model is me protecting myself from myself.

    Incoming XY problem.

    I want to prevent myself from reinstalling my system. The trick I came up with involved the use of files that couldn't be disk cloned. However, if it's far far easier to accomplish it through other means, then please feel free to enlighten me on this.

  • I'll straight up pose the question I asked someone else:

    It seems I wasn't clear as most people misunderstood me.

    But, to give a very precise example; say

    • I had a folder called ~/some/folder.
    • It was on an encrypted drive.
    • And I had done additional work to encrypt the folder again.
    • And say, I used chattr, chmod or chown or similar utilities that remove access as long as one doesn't have elevated privileges.
    • And say, I had done whatever (additional thing) mentioned in your comment.

    Then, what prevents whosoever from copying that file through cloning the complete disk?

    Even if they're not able to get past the password, it will be found on the cloned disk. So, basically, I ask for some method that prevents the file from even being copied through a disk clone. I don't care that it has three passwords protecting it. What I want is for the disk clone (or whatever sophisticated copy/mv/cut or whatsoever utility exists) to somehow fail while trying to attempt the action on the protected files.

  • Someone without the password but with permission to modify the file will be capable of corrupting it (which would prevent you from accessing every protected file), but unless they somehow got access to the password they wouldn’t be able to view or modify the protected files.

    Is it possible to force a corruption if a disk clone is attempted?

  • I've failed tremendously in making my demands come across :P .

    Uhmm..., what you propose with gpg definitely solves one part of the puzzle.

    But, if I understood correctly, it doesn't help to prevent a disk clone from getting hold of the files.

    Yes, the files are encrypted, but that's not sufficient for my needs by itself. If the files would somehow destroy or corrupt themselves on a disk clone (or something to that effect), I would have acquired what I'm seeking.

  • I already use FDE. However, unless I'm wrong, FDE does not prevent a disk clone from occurring. Therefore, if one has access to the password, then they also have access to all my files, including the ones I specifically want to protect. Am I wrong?

    So, I'll make it simple for ya, you don't need to understand why; however, I seek some method that prevents files from being copied through disk cloning. Them files being encrypted or whatsoever doesn't do a thing if the password is known. Unless you propose a method by which the password used to decrypt/unlock the disk on device X doesn't work when it's cloned to another disk. If, somehow, one has to rely on another password to decrypt the disk on device Y, then that might make it work out.

  • This seems interesting. However, if I'm correct, what you suggest is not capable (by itself) of preventing said files from being copied through a disk clone. Am I right? Even if they're otherwise encrypted or inaccessible, they will still come through the disk clone. Did I understand you correctly?

  • It seems I wasn't clear as most people misunderstood me.

    But, to give a very precise example; say

    • I had a folder called ~/some/folder.
    • It was on an encrypted drive.
    • And I had done additional work to encrypt the folder again.
    • And say, I used chattr, chmod or chown or similar utilities that remove access as long as one doesn't have elevated privileges.
    • And say, I had done whatever (additional thing) mentioned in your comment.

    Then, what prevents whosoever from copying that file through cloning the complete disk?

    Even if they're not able to get past the password, it will be found on the cloned disk. So, basically, I ask for some method that prevents the file from even being copied through a disk clone. I don't care that it has three passwords protecting it. What I want is for the disk clone (or whatever sophisticated copy/mv/cut or whatsoever utility exists) to somehow fail while trying to attempt the action on the protected files.