[sf-lug] Help get Ubuntu LiveCD to have encryption options!

Micah Lee micahflee at gmail.com
Thu Apr 28 17:49:57 PDT 2011

> Quoting Stefano Maffulli (smaffulli at gmail.com):
> I haven't installed a new version of Ubuntu for a long time: why would one
> need to encrypt the whole disk? IIRC Ubuntu's installer allows to encrypt
> /home partition: do I remember wrong?

Just encrypting /home leaves you vulnerable to lots of attacks that 
whole disk encryption protects against. For example, your swap partition 
will likely contain private data. Also, most of your software binaries 
are in /bin, /sbin, /usr/bin, /usr/sbin, and other similar places. If 
you only encrypt /home, an attacker with physical access can modify, for 
example, /usr/bin/ssh with a malicious version that sends them all of 
your ssh credentials whenever you run that program. Since /etc is not 
encrypted, an attacker can add a rootkit and make it start on boot. 
Whole disk encryption protects you against these attacks.

On 04/28/2011 05:31 PM, Rick Moen wrote:
> If memory serves:  The alternate disk offers that option.  The 'desktop'
> disk, the one that boots a live CD desktop with an optional graphical
> installer, does not.

I haven't tried installing Ubuntu from the graphical installer, but I 
believe they both give you the option to encrypt /home. But it uses 
ecryptfs which leaks metadata and has performance issues with large 
directories that luks/dm-crypt does not have.

> I personally always suggest favouring the alternate disk for
> installation, anyway.  Its ncurses-based installer program (which is
> Debian's installer) is considerably more robust, controllable, and able
> to be steered around occasional installation potholes.  Also faster and
> able to run in much less RAM, for obvious reasons.

The vast majority of Ubuntu users use the desktop CD to install, since 
this is recommended to them when they download from ubuntu.com. Really 
the only feature that the alternate CD gives me that the desktop CD 
doesn't (that I care about) is whole disk encryption, but that's a 
deal-breaker feature for me. It's great that the alternate CD exists, 
but if we ever hope to make it normal for laptop users to encrypt their 
drives, this has be closer to default behavior.

More information about the sf-lug mailing list