Ubuntu encrypted hard drive - possible to crack? [closed]












6















I'm using Ubuntu 18.04 on my laptop. If someone would steal my laptop, would it be possible for them to access my data stored on the laptop? Could any of them access my data, not just random people but people who really know what they are doing?




  • I'm using a pretty strong password using a special character, capitalized/normal characters and a digit.


  • I encrypted the hard drive when i installed Ubuntu











share|improve this question















closed as too broad by Kevin Bowen, Braiam, DK Bose, muru, N0rbert Dec 16 '18 at 8:18


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.











  • 1





    Sorry i forgot to mention, i did choose the option when first time installing Ubuntu to use the encryption, is this what you mean?

    – wimdewild
    Dec 15 '18 at 19:58











  • Nothing is "Hackproof" but yes Ubuntu is more "Hack-Resistant" than Windows if that is your comparison. Part of the reason is technology but mostly Hackers prefer to target the Window's User Base because pickings are more juicy and easier prey.

    – WinEunuuchs2Unix
    Dec 15 '18 at 20:29











  • @WinEunuuchs2Unix Not to start a flamewar... but what do you base that on? Windows has improved a lot over the previous five years.

    – vidarlo
    Dec 15 '18 at 20:45






  • 1





    Not by a longshot.

    – einpoklum
    Dec 15 '18 at 21:32






  • 3





    obligatory xkcd: xkcd.com/538

    – njzk2
    Dec 15 '18 at 21:37
















6















I'm using Ubuntu 18.04 on my laptop. If someone would steal my laptop, would it be possible for them to access my data stored on the laptop? Could any of them access my data, not just random people but people who really know what they are doing?




  • I'm using a pretty strong password using a special character, capitalized/normal characters and a digit.


  • I encrypted the hard drive when i installed Ubuntu











share|improve this question















closed as too broad by Kevin Bowen, Braiam, DK Bose, muru, N0rbert Dec 16 '18 at 8:18


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.











  • 1





    Sorry i forgot to mention, i did choose the option when first time installing Ubuntu to use the encryption, is this what you mean?

    – wimdewild
    Dec 15 '18 at 19:58











  • Nothing is "Hackproof" but yes Ubuntu is more "Hack-Resistant" than Windows if that is your comparison. Part of the reason is technology but mostly Hackers prefer to target the Window's User Base because pickings are more juicy and easier prey.

    – WinEunuuchs2Unix
    Dec 15 '18 at 20:29











  • @WinEunuuchs2Unix Not to start a flamewar... but what do you base that on? Windows has improved a lot over the previous five years.

    – vidarlo
    Dec 15 '18 at 20:45






  • 1





    Not by a longshot.

    – einpoklum
    Dec 15 '18 at 21:32






  • 3





    obligatory xkcd: xkcd.com/538

    – njzk2
    Dec 15 '18 at 21:37














6












6








6


2






I'm using Ubuntu 18.04 on my laptop. If someone would steal my laptop, would it be possible for them to access my data stored on the laptop? Could any of them access my data, not just random people but people who really know what they are doing?




  • I'm using a pretty strong password using a special character, capitalized/normal characters and a digit.


  • I encrypted the hard drive when i installed Ubuntu











share|improve this question
















I'm using Ubuntu 18.04 on my laptop. If someone would steal my laptop, would it be possible for them to access my data stored on the laptop? Could any of them access my data, not just random people but people who really know what they are doing?




  • I'm using a pretty strong password using a special character, capitalized/normal characters and a digit.


  • I encrypted the hard drive when i installed Ubuntu








password security encryption shutdown hacking






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 16 '18 at 2:51







wimdewild

















asked Dec 15 '18 at 19:37









wimdewildwimdewild

375




375




closed as too broad by Kevin Bowen, Braiam, DK Bose, muru, N0rbert Dec 16 '18 at 8:18


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.






closed as too broad by Kevin Bowen, Braiam, DK Bose, muru, N0rbert Dec 16 '18 at 8:18


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.










  • 1





    Sorry i forgot to mention, i did choose the option when first time installing Ubuntu to use the encryption, is this what you mean?

    – wimdewild
    Dec 15 '18 at 19:58











  • Nothing is "Hackproof" but yes Ubuntu is more "Hack-Resistant" than Windows if that is your comparison. Part of the reason is technology but mostly Hackers prefer to target the Window's User Base because pickings are more juicy and easier prey.

    – WinEunuuchs2Unix
    Dec 15 '18 at 20:29











  • @WinEunuuchs2Unix Not to start a flamewar... but what do you base that on? Windows has improved a lot over the previous five years.

    – vidarlo
    Dec 15 '18 at 20:45






  • 1





    Not by a longshot.

    – einpoklum
    Dec 15 '18 at 21:32






  • 3





    obligatory xkcd: xkcd.com/538

    – njzk2
    Dec 15 '18 at 21:37














  • 1





    Sorry i forgot to mention, i did choose the option when first time installing Ubuntu to use the encryption, is this what you mean?

    – wimdewild
    Dec 15 '18 at 19:58











  • Nothing is "Hackproof" but yes Ubuntu is more "Hack-Resistant" than Windows if that is your comparison. Part of the reason is technology but mostly Hackers prefer to target the Window's User Base because pickings are more juicy and easier prey.

    – WinEunuuchs2Unix
    Dec 15 '18 at 20:29











  • @WinEunuuchs2Unix Not to start a flamewar... but what do you base that on? Windows has improved a lot over the previous five years.

    – vidarlo
    Dec 15 '18 at 20:45






  • 1





    Not by a longshot.

    – einpoklum
    Dec 15 '18 at 21:32






  • 3





    obligatory xkcd: xkcd.com/538

    – njzk2
    Dec 15 '18 at 21:37








1




1





Sorry i forgot to mention, i did choose the option when first time installing Ubuntu to use the encryption, is this what you mean?

– wimdewild
Dec 15 '18 at 19:58





Sorry i forgot to mention, i did choose the option when first time installing Ubuntu to use the encryption, is this what you mean?

– wimdewild
Dec 15 '18 at 19:58













Nothing is "Hackproof" but yes Ubuntu is more "Hack-Resistant" than Windows if that is your comparison. Part of the reason is technology but mostly Hackers prefer to target the Window's User Base because pickings are more juicy and easier prey.

– WinEunuuchs2Unix
Dec 15 '18 at 20:29





Nothing is "Hackproof" but yes Ubuntu is more "Hack-Resistant" than Windows if that is your comparison. Part of the reason is technology but mostly Hackers prefer to target the Window's User Base because pickings are more juicy and easier prey.

– WinEunuuchs2Unix
Dec 15 '18 at 20:29













@WinEunuuchs2Unix Not to start a flamewar... but what do you base that on? Windows has improved a lot over the previous five years.

– vidarlo
Dec 15 '18 at 20:45





@WinEunuuchs2Unix Not to start a flamewar... but what do you base that on? Windows has improved a lot over the previous five years.

– vidarlo
Dec 15 '18 at 20:45




1




1





Not by a longshot.

– einpoklum
Dec 15 '18 at 21:32





Not by a longshot.

– einpoklum
Dec 15 '18 at 21:32




3




3





obligatory xkcd: xkcd.com/538

– njzk2
Dec 15 '18 at 21:37





obligatory xkcd: xkcd.com/538

– njzk2
Dec 15 '18 at 21:37










1 Answer
1






active

oldest

votes


















11














First of all, nothing is totally secure. Computers are extremely complex, and software is extremely complex. The chance of no unknown security holes are basically nil.



Second, a password only protects the running operating system. Unless the disk is encrypted, it's trivial (<3 minutes) to remove the disk from the machine, and read whatever files you want.



Third, configuration has a lot of impact. Do you have an encrypted disk, but unencrypted swap? In that case the passphrase for encryption is probably stored somewhere in swap - especially if you have suspended the system to disk once.



Or do you have Firewire exposed on the computer? Firewire by default allows memory access, which means that an attacker may simply sift trough memory for your encryption keys...



Linux is no more secure than Windows to an attacker that has physical access to the machine - one could even argue that as Windows has TPM support enabled by default if you use Bitlocker, but Linux requires manual configuration of this - that a default Windows installation is safer against a local attacker.



When it comes to remote access (e.g. over a network), Linux distributions tend to fare rather well - simply because they don't run a lot of network services by default.



Define your threats, and try to mitigate them. If you worry about random thiefs getting access to your data, drive encryption and always powering laptop off before moving it or leaving it unattended will probably be enough. Against targeted espionage, that is probably not enough, as an attacker may for instance add logging devices while the laptop is unattended.



So in short - no, don't assume you're safe. Clearly define your threats, and the expected resources of the threat. A random thief will probably spend five minutes trying passwords, and move on and sell the hardware. CIA will be more sophisticated.






share|improve this answer


























  • Comments are not for extended discussion; this conversation has been moved to chat.

    – Thomas Ward
    Dec 18 '18 at 19:59


















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









11














First of all, nothing is totally secure. Computers are extremely complex, and software is extremely complex. The chance of no unknown security holes are basically nil.



Second, a password only protects the running operating system. Unless the disk is encrypted, it's trivial (<3 minutes) to remove the disk from the machine, and read whatever files you want.



Third, configuration has a lot of impact. Do you have an encrypted disk, but unencrypted swap? In that case the passphrase for encryption is probably stored somewhere in swap - especially if you have suspended the system to disk once.



Or do you have Firewire exposed on the computer? Firewire by default allows memory access, which means that an attacker may simply sift trough memory for your encryption keys...



Linux is no more secure than Windows to an attacker that has physical access to the machine - one could even argue that as Windows has TPM support enabled by default if you use Bitlocker, but Linux requires manual configuration of this - that a default Windows installation is safer against a local attacker.



When it comes to remote access (e.g. over a network), Linux distributions tend to fare rather well - simply because they don't run a lot of network services by default.



Define your threats, and try to mitigate them. If you worry about random thiefs getting access to your data, drive encryption and always powering laptop off before moving it or leaving it unattended will probably be enough. Against targeted espionage, that is probably not enough, as an attacker may for instance add logging devices while the laptop is unattended.



So in short - no, don't assume you're safe. Clearly define your threats, and the expected resources of the threat. A random thief will probably spend five minutes trying passwords, and move on and sell the hardware. CIA will be more sophisticated.






share|improve this answer


























  • Comments are not for extended discussion; this conversation has been moved to chat.

    – Thomas Ward
    Dec 18 '18 at 19:59
















11














First of all, nothing is totally secure. Computers are extremely complex, and software is extremely complex. The chance of no unknown security holes are basically nil.



Second, a password only protects the running operating system. Unless the disk is encrypted, it's trivial (<3 minutes) to remove the disk from the machine, and read whatever files you want.



Third, configuration has a lot of impact. Do you have an encrypted disk, but unencrypted swap? In that case the passphrase for encryption is probably stored somewhere in swap - especially if you have suspended the system to disk once.



Or do you have Firewire exposed on the computer? Firewire by default allows memory access, which means that an attacker may simply sift trough memory for your encryption keys...



Linux is no more secure than Windows to an attacker that has physical access to the machine - one could even argue that as Windows has TPM support enabled by default if you use Bitlocker, but Linux requires manual configuration of this - that a default Windows installation is safer against a local attacker.



When it comes to remote access (e.g. over a network), Linux distributions tend to fare rather well - simply because they don't run a lot of network services by default.



Define your threats, and try to mitigate them. If you worry about random thiefs getting access to your data, drive encryption and always powering laptop off before moving it or leaving it unattended will probably be enough. Against targeted espionage, that is probably not enough, as an attacker may for instance add logging devices while the laptop is unattended.



So in short - no, don't assume you're safe. Clearly define your threats, and the expected resources of the threat. A random thief will probably spend five minutes trying passwords, and move on and sell the hardware. CIA will be more sophisticated.






share|improve this answer


























  • Comments are not for extended discussion; this conversation has been moved to chat.

    – Thomas Ward
    Dec 18 '18 at 19:59














11












11








11







First of all, nothing is totally secure. Computers are extremely complex, and software is extremely complex. The chance of no unknown security holes are basically nil.



Second, a password only protects the running operating system. Unless the disk is encrypted, it's trivial (<3 minutes) to remove the disk from the machine, and read whatever files you want.



Third, configuration has a lot of impact. Do you have an encrypted disk, but unencrypted swap? In that case the passphrase for encryption is probably stored somewhere in swap - especially if you have suspended the system to disk once.



Or do you have Firewire exposed on the computer? Firewire by default allows memory access, which means that an attacker may simply sift trough memory for your encryption keys...



Linux is no more secure than Windows to an attacker that has physical access to the machine - one could even argue that as Windows has TPM support enabled by default if you use Bitlocker, but Linux requires manual configuration of this - that a default Windows installation is safer against a local attacker.



When it comes to remote access (e.g. over a network), Linux distributions tend to fare rather well - simply because they don't run a lot of network services by default.



Define your threats, and try to mitigate them. If you worry about random thiefs getting access to your data, drive encryption and always powering laptop off before moving it or leaving it unattended will probably be enough. Against targeted espionage, that is probably not enough, as an attacker may for instance add logging devices while the laptop is unattended.



So in short - no, don't assume you're safe. Clearly define your threats, and the expected resources of the threat. A random thief will probably spend five minutes trying passwords, and move on and sell the hardware. CIA will be more sophisticated.






share|improve this answer















First of all, nothing is totally secure. Computers are extremely complex, and software is extremely complex. The chance of no unknown security holes are basically nil.



Second, a password only protects the running operating system. Unless the disk is encrypted, it's trivial (<3 minutes) to remove the disk from the machine, and read whatever files you want.



Third, configuration has a lot of impact. Do you have an encrypted disk, but unencrypted swap? In that case the passphrase for encryption is probably stored somewhere in swap - especially if you have suspended the system to disk once.



Or do you have Firewire exposed on the computer? Firewire by default allows memory access, which means that an attacker may simply sift trough memory for your encryption keys...



Linux is no more secure than Windows to an attacker that has physical access to the machine - one could even argue that as Windows has TPM support enabled by default if you use Bitlocker, but Linux requires manual configuration of this - that a default Windows installation is safer against a local attacker.



When it comes to remote access (e.g. over a network), Linux distributions tend to fare rather well - simply because they don't run a lot of network services by default.



Define your threats, and try to mitigate them. If you worry about random thiefs getting access to your data, drive encryption and always powering laptop off before moving it or leaving it unattended will probably be enough. Against targeted espionage, that is probably not enough, as an attacker may for instance add logging devices while the laptop is unattended.



So in short - no, don't assume you're safe. Clearly define your threats, and the expected resources of the threat. A random thief will probably spend five minutes trying passwords, and move on and sell the hardware. CIA will be more sophisticated.







share|improve this answer














share|improve this answer



share|improve this answer








edited Dec 15 '18 at 21:59

























answered Dec 15 '18 at 19:52









vidarlovidarlo

9,50352445




9,50352445













  • Comments are not for extended discussion; this conversation has been moved to chat.

    – Thomas Ward
    Dec 18 '18 at 19:59



















  • Comments are not for extended discussion; this conversation has been moved to chat.

    – Thomas Ward
    Dec 18 '18 at 19:59

















Comments are not for extended discussion; this conversation has been moved to chat.

– Thomas Ward
Dec 18 '18 at 19:59





Comments are not for extended discussion; this conversation has been moved to chat.

– Thomas Ward
Dec 18 '18 at 19:59



Popular posts from this blog

Сан-Квентин

8-я гвардейская общевойсковая армия

Алькесар