Archive for the ‘Everyday Security’ Category

I’ve been using FileVault to encrypt the drive on my travel machine for a while now, but I’ve only recently enabled it on my everyday machine. I rarely take it anywhere, but since I bought a nice new tiny laptop that will change. (I’ll discuss the mechanics of enabling it another time.)

Mostly this hasn’t made any difference in how I use my laptop, but here and there I run into something. (If you don’t already have your Mac configured to require a password, FileVault will enable that. Many people do, and many corporate IT policies require it.)

I had to take the new machine in for repair this week, and as part of the routine intake process they ask for the login and password. Uh, no. That’s pretty normal for me; I usually wipe a machine before I hand it over, but I didn’t have time. Now if the service issue were software, this obviously wouldn’t work. But so far I’ve not needed to take something in overnight for anything other than broken hardware.

I dutifully inform them of the encrypted state of the drive, and they will get back to me if there is a problem. But what exactly does that mean for them? FileVault 2 is full-disk encryption (unlike the original FileVault) so when you start up the machine you immediately get a login screen. If you don’t log in, it won’t even finish booting. After replacing my logic board, the repair tech will have to attach another bootable volume, use the Option key on startup to select where to boot from, and test it that way.

When I travel, I always shut down the machine before I pack it away. Not only does that mean it can’t accidentally wake up in transit (risking your hard drive if you have the old spinning kind, or your battery either way) but if anybody steals it there is no chance someone is getting into my hard drive. Now if they had my password-protected laptop and it were only sleeping, technically it would be “easier” to gain access. But by that I mean if a skilled and determined attacker were interested, there might be weaknesses in the OS or other things that could be compromised to allow unauthorized access. Might. If you are being tracked by a government agency and your laptop gets taken off in a black helicopter, perhaps you have some concern. The sketchy dude who lifted your MacBook Air from Starbucks? Unlikely.

Now one thing Sketchy Dude is likely to do is open it up to see if it works. If your laptop is able to connect to a wireless network and you have some kind of location tracking program enabled, then you might be able to find out where Sketchy Dude is. That wouldn’t happen if the machine were shut down. (It also wouldn’t happen if he wipes the drive before connecting it to a network, which thieves who know anything about computers will do.)

I haven’t enabled Find My Mac because if someone has taken off with my laptop, I’m not counting on getting it back. (It’s fully backed up, after all.) It also means it’s not constantly reporting its location, and there’s one less source of information about me to exist in somebody’s giant database. (I do use it on my phone, as that’s a different story.)

So enabling disk encryption hasn’t changed anything for me, but that might not be the same for someone else. If you really hate entering a password, you aren’t going to like FileVault.

Update:

Well, I did find one thing: Safe Boot doesn’t work with FileVault (see the link in the comments.) When I was having migration problems, the Apple tech recommended I restart with Safe Boot but I couldn’t. Unfortunately she also didn’t know that was on purpose. (Fortunately, for FV2 anyway, the migration issue didn’t seem to be related to encryption.)

Resources:
Complete guide to FileVault 2 in Lion

Rich Trouton’s blog posts about FileVault 2 (for hardcore IT folks)

I got my Global Entry interview and approval today, finally. (If you live in a city that is not Metro DC, it takes months to get an appointment.) I had to think about it, because basically I’m paying for the privilege of giving the government a ton of information and then I’m supposed to (not totally guaranteed) get priority access to TSA and Customs.

My friends who use it think it’s the best thing ever, and I’m flying more right now. It’s a lot of personal information, however. (I’ll leave for another day the discussion on buying one’s way out of TSA security theater still forced upon other travelers.)

I had no idea what to expect from the interview. My big joke last week at 30C3 was “Will attending this talk affect my Global Entry Interview?” Are there bonus points for being a white person of European heritage? Close relation of career government employees and contractors? Would my history of charitable donations be scrutinized for subversive organizations? I didn’t actually think we are so far over the cliff that this would be an issue for me, but with the news swirling around lately and the long history of negative actions “not determined by” race and ethnicity, I suppose I was happy I was at SFO and not some of the other places I’ve lived. And, as sad as I am to say this, not brown.

I have no idea what could have come up as a problem because the interview was mercifully short and uneventful. The officer wanted to confirm my residence and mailing addresses, check my documents, and take fingerprints. But there were some pretty pointed financial questions about my income. Aside from “Have you ever been arrested?” pretty much all he wanted to know is where my income came from. Like every third question, as if I would answer any differently. (Yes, that’s the point.)

There might not have been so many if I had a current employer they could verify. It might even have been different if I had my interview somewhere other than SFO, as the officer didn’t seem especially surprised to see a software person sans regular paycheck. Apparently there are a lot of those around here. I didn’t get to see what was on his screen he was comparing my answers to, but I could make some guesses. (When I said I had been through the London airport last week, he knew it was because I was coming from Germany.)

If I didn’t know how this worked, that would have been kinda creepy.

My husband won’t sign up for it because it’s too invasive. I sat down and looked at it: what I had to provide, what I’ve already provided to various government agencies for other purposes, and what I know must have already been collected about me because of who I am and where I’ve been. It’s already there, all of it, even the fingerprints. This is pretty much taking the mini-background check done whenever I buy a ticket and doing it all up front.

Do I like it? No, not particularly. I don’t like a lot of things my government does with my personal information, and I know they have a lot of it. And I’ve seen more than enough news to be convinced that the security state is growing at an alarming rate. Am I practical enough that I will choose to participate to get this benefit? After a good bit of internal discussion, yes. If one day someone in power decides that nerdy users of encryption, opters-out of nude airport scanners, and supporters of civil liberties charities are a menace to society, I’m gonna be in trouble. Will that happen? I can’t answer that. I do know that I’m going to deliberately consider my actions in this regard and not change a damn thing.

Realizing I’d forget ideas if I didn’t, I started a page to list topics to write about. You can find it here:

Everyday Security post ideas

Suggest your ideas! You can always find the list from the sidebar under “Resources.”

Let’s start with something simple: phone passcodes. I’m going to assume that anyone reading this knows they should have a passcode on a mobile device. But what are the options?

The standard 4-digit PIN that is ostensibly protecting your important stuff (phone, ATM, whatever) is really no more than a nuisance to anyone seriously wanting to get in. It will keep a random thief from immediately reading all your email and posting selfies to Facebook, but anybody who’s smart will turn off the phone and take it away from cell coverage for further investigation.

There are only 10,000 combinations and in some cases (like mobile phones!) there are programs out there that just try all of them. Still, it’s better than nothing, so even if you can barely remember your own phone number you should at least try. Just pick a non-horrible one and find out what you need to do in the event you forget it [iOS.]

Decent modern phones also offer more complex passwords, but then you have a more complex thing to remember. Plus, typing a good, strong password on a phone is a major pain. Android phones also let you choose a pattern you draw on the screen with your finger, which might be easier for some people to remember. (My husband says his is “pretty complex.”) On iOS, if you choose a longer password but make it only numeric you get a bit of a compromise: a potential attacker can see that it’s only digits (the numeric keypad is displayed) but doesn’t know how many digits it might be.

I currently use a 4-digit passcode, but I’m starting to experiment with a longer numeric one – I enabled it for a short time and it wasn’t too horrible (and I’m a “might not remember own phone number” person.) It would mean that the handful of people who occasionally have legitimate access to my devices would have to learn something new (or get their own to play games on) but it would be overall more secure. This is particularly true if you suspect your electronics might be inspected at a border crossing, like some of my more activist friends.

And that leads me to a short discussion of the fingerprint sensor on the latest iPhone: I have this phone but I’m not using Touch ID right now. I’m still contemplating it, based on the uncertainty of some legal theories. I admit that for the vast majority of people this is way out there, and if you are a person who otherwise would have no security on your phone, the last thing I want to do is discourage you from using the fingerprint authentication. It’s so much better than a 4-digit passcode in basically every other way, and easy to use.

As things go in the legal world, until there is a case that decides the implications of biometric authentication, the situation is open to interpretation. I’ll leave it to lawyers to explain the details, but basically there is a question if it is legal (in the US, at least) to force you to give up your biometric information (something you are, your fingerprint) where it wouldn’t be if you were required to give up a password (something you know.) If Touch ID allowed me to also have a passcode, even a lousy 4-digit one, I’d be all over it. But as I’m a part-time member of the tinfoil hat club larger security community, for the moment I will continue contemplating. (Here’s an article discussing some of the concerns.)

So now that I’ve gotten through all that, I’ll admit I’m a bit of a slacker for not choosing a longer passcode. I promise to work on that.

Some more resources:
Understanding iOS passcode security
An Overview of Android Lock Screen Security Options [Beginners’ Guide]

When I threw out the offhand comment that I should write about my personal digital security, I was expecting it would be the usual social media post that gets lost in the undertow (particularly right after the holidays.) But so many people emphatically said Yes!! that I decided I would resurrect an old dead blog and get started.

There are a lot of things I do because I know I’m being watched, both on the Internet directly and in the growing number of ways my personal information is collected or I’m “digitally observed” in public. The revelations of the past few months have made clear that this is the way the world is now. In the absence of political solutions, we individually must decide what technological measures we will take in response to the widespread surveillance of average people. The only way to completely opt-out of data collection is to opt-out of modern life: banks, credit cards, mobile phones, travel, earning a paycheck. Even just being in public often means your image is being recorded, and increasingly checked against databases. It’s not been science fiction for a while now.

Perhaps you will find some of this old hat, but maybe there will be new ideas or even the encouragement to do something you “ought to” but haven’t actually gotten around to. Even if you think something’s not for you, knowing it is possible is valuable information for the future.

I’m going to try to avoid most of the political discussion surrounding this topic and stick to the practical. But one of the reasons I do go through all this trouble is to push back against a dreary non-controversial world of constant surveillance, where privacy is a luxury good and most people have to live with the knowledge that everything they say or do or buy or read will be compiled into a dossier that can be consulted by sufficiently interested parties. The “safety” of conformity is the most astoundingly depressing future I can imagine.

A little about me:

I’m just this average nerd, you know? I’m not a security researcher or cryptographer, I’m not fond of that level of math to be honest. But I’ve been working with computers for a very long time and have learned from my security researcher and cryptographer friends and colleagues that I am right to be wary of how the vast amount of digital data I generate can be used. You will find I talk a lot about the concerns of residents of big cities, frequent travelers and users of Apple technologies, because I am all those things. I invite others to contribute their experiences, and welcome recommendations for guest posts. (Windows people, I’m looking at you!)

I hope you find this effort valuable, and invite you to learn along with me.