cryptic: Encryption and partitioning on Ubuntu

class: intro, middle

# `cryptic`: Encryption and partitioning on Ubuntu

Jérémie Astori<br>
[@astorije](https://twitter.com/astorije)

[W3C20](https://www.w3.org/20/) Lightning Talks<br>
29 October 2014

<footer>
  astori.fr/cryptic-tpac
</footer>

???

Lame title, don't you worry, rest worse.

---
layout: true
class: default

<header>
  <h2>{{ title }}</h2>
</header>

<footer>
  astori.fr/cryptic-tpac
</footer>

---
title: Motivation

- <cite>Full-disk encryption: Very easy to use, no latency, you won't even notice it.</cite><br>
  —
  Bruce Schneier, [NSA Surveillance and What To Do About It](https://notes.astori.fr/nsa-surveillance-and-what-to-do-about-it/)

???

February, talk given by Bruce Schneier, cryptographer, security and privacy specialist<br>
Great! Let's give it a try.<br>
Ubuntu installer: checkbox. Checked, encrypted.

- Problem: how to split `/` and `/home` into 2 partitions?

???

I like root and home partitions separate.<br>
No option for this in Ubuntu's installer (unlike Debian).<br>
Long tutorials and command line skills, not trivial.<br>

- Solution: `cryptic`! .mark[*]

.footnote[.mark[\*] Until it is included in the installer...]

???

`cryptic` is a very simple (ugly) script that does everything for you.<br>

Hopefully, this script will die:<br>
For encryption to generalize, must be no trade-off between privacy and convenience.<br>
Me: 2 partitions, nevermind the encryption. Most people would make this choice.

---
title: Usage

- When installing Ubuntu, check *Encrypt the new Ubuntu installation for security*

.center.ubuntu_installation_type[![Ubuntu installer: Installation type step](img/ubuntu_installation_type.png)]

---
title: Usage

- When installing Ubuntu, check *Encrypt the new Ubuntu installation for security*

- Once Ubuntu is installed, before rebooting, open a terminal and type:

```commandline
wget -N https://astori.fr/cryptic.sh
chmod +x cryptic.sh
./cryptic.sh
```

???

3 lines, very easy. Downloads and executes.

- By default:

- `/` gets 20GiB
  - `/home` gets the rest of the disk

???

Can be customized

---
class: middle
title: Live demo (sort of...)

.center[![cryptic: about to start](img/cryptic_0.png)]

???

Safe version of a live demo: couple of screenshots

---
class: middle
title: Live demo (sort of...)

.center[![cryptic: Success](img/cryptic_7.png)]

???

Takes a few minutes

---
title: Current issues

- Not supported:
  - Other flavors of Ubuntu
  - Multi-boot
  - ...

- Not so robust

- Command to execute too complicated

???

Only the base scenario is handled

Will make command 1 line when I have time to test.

To contribute or report a bug:

.center[https://github.com/astorije/cryptic]

---
title: Restore privacy in Ubuntu

Since you are running scripts anyway...

.center[https://fixubuntu.com/]

???

Another one-liner that prevent your data to be sent to third parties.<br>
Didn't think a Linux distro would do that, did you?