(More) Specifics:

  • Undoing the protection should include filling in a password.
  • The password should be different from the one used with sudo or any other passwords that are used for acquiring elevated privileges.

All (possible) solutions and suggestions are welcome! Thanks in advance!

Edit: Perhaps additional specifications:

  • With 'displace‘, I mean anything involving that resembles the result of mv, cp (move, cut, copy) or whatsoever. The files should remain in their previously assigned locations/places and should not be able to ‘pop up’ anywhere.
  • I require for the files to be unreadable.
  • I don’t care if it’s modifiable or not.
  • I don’t require this for my whole system! Only for a specific set of files.
  • notabot@lemm.ee
    link
    fedilink
    arrow-up
    12
    ·
    4 months ago

    It sounds like you’re actually more concerned about the data in the files not being able to ‘pop up’ elsewhere, rather than the files themselves. In thus case I’d suggest simply encrypting them, probably using gpg. That’ll let you set a password that is distinct from the one used for sudo or similar.

    You should also be using full disk encryption to reduce the risk of a temporary file being exposed, or even overwritten sectors/pages being available to an attacker.

    • poki@discuss.onlineOP
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      4 months ago

      I’ve failed tremendously in making my demands come across :P .

      Uhmm…, what you propose with gpg definitely solves one part of the puzzle.

      But, if I understood correctly, it doesn’t help to prevent a disk clone from getting hold of the files.

      Yes, the files are encrypted, but that’s not sufficient for my needs by itself. If the files would somehow destroy or corrupt themselves on a disk clone (or something to that effect), I would have acquired what I’m seeking.

      • notabot@lemm.ee
        link
        fedilink
        arrow-up
        5
        ·
        4 months ago

        Nothing can prevent a disk clone cloning the data, and there’s no way to make something happen when a disk is cloned as you’re not in control of the process.

        If you wish to mask the existence of the files, use either full disk encryption, in which case cloning the disk doesn’t reveal the existence of the files without the decrypt password, or use a file based encrypted partition such as veracrypt in which case the cloner would just see a single encrypted blob rather than your file names.

        Ultimately encrypting the files with gpg means they have already effectively ‘destroyed or corrupted’ themselves when cloned. If you don’t want to reveal the filenames, just call them something else.

        If you could be a bit more specific about your threat model people may have better ideas to help.

        • poki@discuss.onlineOP
          link
          fedilink
          arrow-up
          2
          arrow-down
          2
          ·
          4 months ago

          If you could be a bit more specific about your threat model people may have better ideas to help.

          Threat model is me protecting myself from myself.

          Incoming XY problem.

          I want to prevent myself from reinstalling my system. The trick I came up with involved the use of files that couldn’t be disk cloned. However, if it’s far far easier to accomplish it through other means, then please feel free to enlighten me on this.

          • notabot@lemm.ee
            link
            fedilink
            arrow-up
            2
            ·
            4 months ago

            Ok, I’m still not clear on exactly what you’re trying to achieve as I can’t quite see the connection between somehow preventing certain files being duplicated when cloning the disk and preventing yourself from reinstalling the system.

            Bear in mind that reinstalling the system would replace all of the OS, so there’s no way to leave counter-measures there, and the disk itself can’t do anything to your data, even if it could detect a clone operation.

            If what you’re trying to protect against is someone who knows everything you do accessing your data, you could look to use TPM to store the encryption key for your FDE. That way you don’t know the password, it’s stored encrypted with a secret key that is, in turn, stored and protected by your CPU. That way a disk clone couldn’t be used on any hardware except your specific machine.

            • poki@discuss.onlineOP
              link
              fedilink
              arrow-up
              1
              ·
              4 months ago

              Ok, I’m still not clear on exactly what you’re trying to achieve as I can’t quite see the connection between somehow preventing certain files being duplicated when cloning the disk and preventing yourself from reinstalling the system.

              Premises:

              • Very important files on disk (somehow) protected from copy/mv/clone whatever.
              • Reinstalling my OS wipes the disk.

              Therefore, I would lose those very important files if I were to attempt a wipe. If said files are important enough for me to reconsider wiping, then the act of protecting them from copy/mv/clone has fulfilled its job of preventing me from reinstalling the OS.

              Bear in mind that reinstalling the system would replace all of the OS, so there’s no way to leave counter-measures there, and the disk itself can’t do anything to your data, even if it could detect a clone operation.

              I understand.

              If what you’re trying to protect against is someone who knows everything you do accessing your data, you could look to use TPM to store the encryption key for your FDE. That way you don’t know the password, it’s stored encrypted with a secret key that is, in turn, stored and protected by your CPU. That way a disk clone couldn’t be used on any hardware except your specific machine.

              Very interesting. A couple of questions:

              • Is it possible to only protect a set of files through this? So not the entire disk?
              • Does TPM get flushed/randomized on OS reinstall?
              • notabot@lemm.ee
                link
                fedilink
                arrow-up
                3
                ·
                4 months ago

                This seems like a very complicated way to achieve your goal! It sounds like sitting yourself down and giving you a stern talking to might be a beter aporoach.

                Having said that, if you have these very important files that you don’t want to lose, please make sure they’re backed up somewhere off of your machine. Storage fails, and it’s a horrible feeling losing something important. Unfortunately doing so would defeat the approach you’re thinking of.

                This might be a case of needing to reframe the question to get to the cause of the issue, and then solve that. So, why do you want to make it hard to reinstall your machine? Is it the amount of time you spend on it, the chance of screwing it up, needing it working, has it become a compulsion or something else? Maybe if we can get to the root of the issue we can find a solution.

                With regard to TPM, it’s basically just a key store, so you can use it fir anything really, althought it’s normally used by generating a TPM key and using it to encrypt the key that’s actually used to encrypt your data, storing the encrypted key with the OS. Just reinstalling won’t wipe the TPM, but unless you made an effort to save the encrypted key it’ll be gone. Given your problem statement above it just adds to the data you’d need to save, which isn’t helpful.

                • poki@discuss.onlineOP
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  4 months ago

                  This seems like a very complicated way to achieve your goal! It sounds like sitting yourself down and giving you a stern talking to might be a beter aporoach.

                  You’re probably right. But, it ensures a surefire method if accomplished.

                  Having said that, if you have these very important files that you don’t want to lose, please make sure they’re backed up somewhere off of your machine. Storage fails, and it’s a horrible feeling losing something important. Unfortunately doing so would defeat the approach you’re thinking of.

                  Thank you for your concerns!

                  This might be a case of needing to reframe the question to get to the cause of the issue, and then solve that.

                  Makes sense.

                  So, why do you want to make it hard to reinstall your machine?

                  I want to set it up in a particular way to ensure maximum productivity. But I’m afraid that I’ll not go through with it (as has happened a lot in the past). Thus, making it impossible to reinstall should enable me to go through. As I wouldn’t have any other choice.

                  Is it the amount of time you spend on it

                  The amount of time spent unproductively. Yes.

                  the chance of screwing it up

                  Nope. I haven’t had a serious breakage since over one and a half years. I think I’m managing splendidly.

                  needing it working

                  Don’t really have particular problems related to keeping my system up and running.

                  has it become a compulsion or something else?

                  Not sure what you meant with this.

                  Maybe if we can get to the root of the issue we can find a solution.

                  I believe I touched upon this earlier in this comment. I just want to be very productive.

                  With regard to TPM, it’s basically just a key store, so you can use it fir anything really, althought it’s normally used by generating a TPM key and using it to encrypt the key that’s actually used to encrypt your data, storing the encrypted key with the OS. Just reinstalling won’t wipe the TPM, but unless you made an effort to save the encrypted key it’ll be gone. Given your problem statement above it just adds to the data you’d need to save, which isn’t helpful.

                  Uhmm…, I feel as if I should properly read up on this. Have you got any pointers you would recommend?