DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 2 Weeks Ago
shep shep is offline
Real Name: Scott
Rc.conf Instructor
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 1,187
Default Securing a NetBook w/ SD card

I have an HP Stream 14 en route and am looking at the storage setup from a security standpoint. In my neck of the woods, laptops are frequent theft targets and I suspect the same would hold true while traveling. These HP stream devices have limited storage space (32GB) which has been an issue for Win10 users doing updates. My suspicion is that the Win10 update issue resulted in a fair number of HP Streams showing up on the refurbished market. The devices also have a full size SD slot that supports SDXC.

I intended to just load the personal data I would need on a particular trip and use IMAP with header cache for email. This looks like a good time to explore/implement encryption.

My thoughts:

Option 1. An /etc/rc.local command to mount the SD drive as an encrypted /home/user partition. Do not create the /home partition on the MMC.

Option 2. At install make a very small /home/user partition. Use an /etc/rc.local script to graft the SD uuid, if present, onto the small MMC /home/user partition. Could this scheme incorporate encryption?

Option 3. Encrypt the /home/jsh/mail/cache file

Any other suggestions?

Last edited by shep; 2 Weeks Ago at 05:02 PM.
Reply With Quote
  #2   (View Single Post)  
Old 2 Weeks Ago
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,377
Default

If the laptop will not be multibooted, I'd just set up FDE with a passphrase, and not worry about any external devices.
Reply With Quote
  #3   (View Single Post)  
Old 2 Weeks Ago
ibara's Avatar
ibara ibara is offline
Future Defcon 201 speaker
 
Join Date: Jan 2014
Posts: 634
Default

Seconded. I wouldn't use an SD as an integral storage device on any laptop. It's one thing if this is some arm board where the thing never gets physically touched ever. But one mistake (think: accidentally ejecting the SD card while the machine is running/writing) can totally destroy all the data on the SD card. Not worth it IMO.
Reply With Quote
  #4   (View Single Post)  
Old 2 Weeks Ago
bsd-keith bsd-keith is offline
Real Name: Keith
Open Source Software user
 
Join Date: Jun 2014
Location: Surrey/Hants Border, England
Posts: 177
Default

I'm not avocating your use of an SDHC card - but my daily email checker runs Linux from an 8GB SDHC card, & I haven't had any problems/mishaps with it.
__________________
Linux since 1999, & also a BSD user.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hardware Dell pulls back from netbook market ocicat News 1 20th December 2011 04:22 AM
OpenBSD's X11 on an Acer Aspire netbook bruguiea OpenBSD General 6 20th April 2010 06:10 AM
Netbook - NetBSD or OpenBSD? marc General Hardware 4 21st July 2009 03:44 PM
Securing ftp access AlexDudko FreeBSD Security 6 12th January 2009 09:21 PM
Securing your NetBSD system anomie NetBSD Security 4 27th May 2008 11:19 AM


All times are GMT. The time now is 07:46 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick