On 31/07/17 07:39, Daniel Pocock wrote: > > Hi all, > > I've recently had discussions with new users at various events who were > installing Debian for the first time, usually on laptops. > > It is easy enough to run the installer and get Debian up and running. > > However, if the user is security conscious, or will be travelling to > events and passing through hostile airport/border checkpoints, are there > any extra suggestions about how the laptop could be setup? > > For example, should they use the default disk encryption strategy > proposed by the Debian installer, or another strategy? Or should they > be considering a derivative or something else? > > Another question that comes up when I have this discussion with new > users, they want to reduce their dependence on cloud services, so what > is the currently recommended way to sync or replicate content from their > laptop disk for backup purposes? While I have various ways of doing > this as a developer, what is proposed for non-developers? >
I received a private reply seeking clarification of the threat model Standard threats affecting all people who travel with a laptop these days: 1. return of laptop for warranty service, technician has your data 2. theft of laptop 3. routine inspection by border officials (they may want the user to log in and type screen unlock password or briefly attach a device for "checking" the laptop) The user in mind: ordinary person who simply doesn't want to either: a) risk losing a copy of personal documents and photos when such loss could have been easily prevented, b) lose time answering questions at a border checkpoint because their laptop looks too secure or unusual. Obviously there are users who know they might be singled out for closer scrutiny and they might go to extra effort but I'm simply asking about the case of the ordinary user encountering ordinary but sometimes unreasonably curious uniformed officials. Regards, Daniel
