`cryptic`: Encryption and partitioning on Ubuntu

Jérémie Astori
@astorije

W3C20 Lightning Talks
29 October 2014

1 / 12

Lame title, don't you worry, rest worse.

Motivation

Full-disk encryption: Very easy to use, no latency, you won't even notice it.
— Bruce Schneier, NSA Surveillance and What To Do About It

2 / 12

February, talk given by Bruce Schneier, cryptographer, security and privacy specialist
Great! Let's give it a try.
Ubuntu installer: checkbox. Checked, encrypted.

Motivation

Full-disk encryption: Very easy to use, no latency, you won't even notice it.
— Bruce Schneier, NSA Surveillance and What To Do About It
Problem: how to split / and /home into 2 partitions?

3 / 12

February, talk given by Bruce Schneier, cryptographer, security and privacy specialist
Great! Let's give it a try.
Ubuntu installer: checkbox. Checked, encrypted.

I like root and home partitions separate.
No option for this in Ubuntu's installer (unlike Debian).
Long tutorials and command line skills, not trivial.

Motivation

Full-disk encryption: Very easy to use, no latency, you won't even notice it.
— Bruce Schneier, NSA Surveillance and What To Do About It
Problem: how to split / and /home into 2 partitions?
Solution: cryptic! *

* Until it is included in the installer...

4 / 12

February, talk given by Bruce Schneier, cryptographer, security and privacy specialist
Great! Let's give it a try.
Ubuntu installer: checkbox. Checked, encrypted.

I like root and home partitions separate.
No option for this in Ubuntu's installer (unlike Debian).
Long tutorials and command line skills, not trivial.

cryptic is a very simple (ugly) script that does everything for you.

Hopefully, this script will die:
For encryption to generalize, must be no trade-off between privacy and convenience.
Me: 2 partitions, nevermind the encryption. Most people would make this choice.

Usage

When installing Ubuntu, check Encrypt the new Ubuntu installation for security

Ubuntu installer: Installation type step

5 / 12

Usage

When installing Ubuntu, check Encrypt the new Ubuntu installation for security
Once Ubuntu is installed, before rebooting, open a terminal and type:

wget -N https://astori.fr/cryptic.sh
chmod +x cryptic.sh
./cryptic.sh

6 / 12

3 lines, very easy. Downloads and executes.

Usage

When installing Ubuntu, check Encrypt the new Ubuntu installation for security
Once Ubuntu is installed, before rebooting, open a terminal and type:

wget -N https://astori.fr/cryptic.sh
chmod +x cryptic.sh
./cryptic.sh

By default:
- / gets 20GiB
- /home gets the rest of the disk

7 / 12

3 lines, very easy. Downloads and executes.

Can be customized

Live demo (sort of...)

cryptic: about to start

8 / 12

Safe version of a live demo: couple of screenshots

Live demo (sort of...)

cryptic: Success

9 / 12

Takes a few minutes

Current issues

Not supported:
- Other flavors of Ubuntu
- Multi-boot
- ...
Not so robust
Command to execute too complicated

10 / 12

Only the base scenario is handled

Will make command 1 line when I have time to test.

Current issues

Not supported:
- Other flavors of Ubuntu
- Multi-boot
- ...
Not so robust
Command to execute too complicated

To contribute or report a bug:

https://github.com/astorije/cryptic

11 / 12

Only the base scenario is handled

Will make command 1 line when I have time to test.

Restore privacy in Ubuntu

Since you are running scripts anyway...

https://fixubuntu.com/

12 / 12

Another one-liner that prevent your data to be sent to third parties.
Didn't think a Linux distro would do that, did you?

↑, ←, Pg Up, k	Go to previous slide
↓, →, Pg Dn, Space, j	Go to next slide
Home	Go to first slide
End	Go to last slide
b	Toggle blackout mode
f	Toggle fullscreen mode
c	Clone slideshow
p	Toggle presenter mode
w	Pause/Resume the presentation
t	Restart the presentation timer
?, h	Toggle this help

cryptic: Encryption and partitioning on Ubuntu

Help

`cryptic`: Encryption and partitioning on Ubuntu