deceptive login to protect privacy

Asked by Spraff

This is a security feature request. Sorry if I'm posting this to the wrong place but I'm new to Launchpad.

Here's the relevant scenario: your laptop is seized by the TSA and they decide to search it, so they power it on and get the login screen. Then they force you to enter your password. What appears to happen is you get logged in and no matter how much they search, there is nothing private or otherwise embarrassing to be seen.

What actually happened is you typed in a second password which logs you in as a different user, B. The name of this other user, as returned by whoami or other queries, appears to be your normal username A. Moreover, any files owned by A appear to not exist and any files owned by B are listed as being owned by A. From the point of view of everyone except root processes, user A is the only existing user.

We can go further with the ghosting. When you are logged in as A under normal circumstances, user B and all its resources appear to not exist. Configuration options and all the rest are only visible if you are root. All A's files could be stored steganographically and the used space, as seen by B, is merely swap.

One caveat: since root is normally locked under Ubuntu, if user A is the only user on the system (it's this aspect which gives you plausible deniability), user A needs to be able to sudo, so someone could force you to sudo su and reveal if all these ghosting options are in place. Well, we ghost root as well! We appear to have logged in as A but used the password for B instead. As B we sudo and type the same password again (note, not A's normal password which works for A's sudo). This fake root now appears to be normal root, but all of A's files, the existence of A at all, and the entire ghosting system appear to not exist.

A lot of this could be implemented with chroot-prison-type behaviour, but in order to cover our tracks we need to put a few branches in the kernel to specifically hide and intercept specific file accesses and API calls. Shame I'm not a kernel coder or I'd get started today!

Question information

Language: English
Status: Answered
For: Ubuntu
Assignee: No assignee

Jonathan Thomas (echidnaman) said :
#1

Might I suggest brainstorm.ubuntu.com? That would be the best place for ideas like this.
