Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
|
 |
|
01-13-2006, 09:28 AM
|
#61
|
Member
Registered: Nov 2003
Distribution: ubuntu 5.10
Posts: 84
Rep:
|
Looks like TrueCrypt combined with some other tools will do it for me.
There were no "recommended" transparent solutions for partitions, so if anybody has any positive experiences with them, a post would be appreciated.
|
|
|
01-17-2006, 01:04 AM
|
#63
|
Member
Registered: Jun 2005
Posts: 542
Rep:
|
There's no benefit encrypting files with no confidential information such as binaries in /bin, /sbin, libraries, etc. It backfires as it provides a good deal of known plaintext. It's better to encrypt /home, /tmp, swap and so on.
I would like to know more about this 1344-bit stuff. How do they generate such a large bitstream from only a password and stuff it into 448-bit Blowfish?
|
|
|
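Added example (not part of any post in this thread): a small Python check for the advice in post #63, reporting whether /home, /tmp and swap are backed by a dm-crypt mapping. The fstab and crypttab contents are constructed samples, and the check assumes encrypted volumes are referenced in fstab as /dev/mapper/<name>, with <name> taken from crypttab.

```python
# Constructed sample files, not taken from the thread.
SAMPLE_FSTAB = """\
# <device>              <mount>  <type>  <options>  <dump> <pass>
/dev/sda1               /        ext3    defaults   1 1
/dev/mapper/home_crypt  /home    ext3    defaults   1 2
/dev/sda3               none     swap    sw         0 0
tmpfs                   /tmp     tmpfs   defaults   0 0
"""
SAMPLE_CRYPTTAB = """\
# <name>      <device>   <keyfile>  <options>
home_crypt    /dev/sda2  none       luks
"""
TARGETS = ("/home", "/tmp", "swap")


def _rows(text):
    """Yield the whitespace-split fields of each non-comment, non-blank line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line.split()


def audit(fstab, crypttab):
    """Map each target to encrypted / plaintext / ram only / not separate / none."""
    # Assumption: encrypted volumes appear in fstab as /dev/mapper/<crypttab name>.
    mapped = {"/dev/mapper/" + row[0] for row in _rows(crypttab)}
    found = {}
    for row in _rows(fstab):
        if len(row) < 3:
            continue
        device, mount, fstype = row[:3]
        key = "swap" if fstype == "swap" else mount
        if key not in TARGETS:
            continue
        if fstype == "tmpfs":
            state = "via swap"  # tmpfs pages can be paged out to swap
        else:
            state = "encrypted" if device in mapped else "plaintext"
        # With several swap areas, a single plaintext one decides the result.
        if found.get(key) != "plaintext":
            found[key] = state
    result = {t: found.get(t, "none" if t == "swap" else "not separate")
              for t in TARGETS}
    for t in ("/home", "/tmp"):
        if result[t] == "via swap":
            # A tmpfs mount is only as protected as the swap behind it.
            result[t] = "ram only" if result["swap"] == "none" else result["swap"]
    return result
```

On the sample input, /home is reported as encrypted while swap, and therefore the tmpfs-backed /tmp, is reported as plaintext.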
01-17-2006, 03:45 AM
|
#64
|
Member
Registered: Oct 2005
Location: Australia
Distribution: slackware 12.1
Posts: 753
Rep:
|
Nothing is 100 percent secure! I think maybe you should wear a gun and put your laptop on an autodestruct mode using some kind of bomb (RDX maybe). If by chance somebody tries to rob your laptop, your first option would be to resist the attack with your gun and if that fails launch failsafe--------------->BOOM!
No data, no files, no harddisk, no laptop. ENJOY!
|
|
|
01-17-2006, 12:38 PM
|
#65
|
LQ Guru
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 11,204
|
Quote:
Originally Posted by sick-o-windoze
Windows at least allows me to buy a package to encrypt the whole thing in a way that is completely secure. I'm looking for a real solution for Linux and I'm not finding anything stable. If I search this board on any of the solutions presented, I find lots of threads with serious issues about the use of those tools.
|
It would be unwise to categorically say "a way that is completely secure." On any system, you simply don't know that. There could be a vulnerability in the closed-source software that you don't know about; see http://www.counterpane.com or Bruce Schneier's http://www.schneier.com/.
Encrypted-filesystem drivers are readily available for Linux, and since the source-code is available for open review you can be more confident that they don't contain hidden flaws if used correctly. Ahh, but there's the rub. When it comes right down to it, the security (or lack thereof) is the purview of the system administrator... You! A piece of flashy-looking software in a flashy box, easily installed by the user (who is logged on as Administrator without a password, on a public network without a firewall, running exactly the same services wirelessly at Starbucks as he does when connected to the company's wired network... where he might accidentally leave the wireless unit turned-on and thus create an open door into the company's "private" network to a competitor in the office next-door!) may look and feel good ... and be worthless. Worse than worthless.
A quick search on http://freshmeat.net for "encrypted filesystem" shows no less than eight promising-looking options, all with source, many of them cross-platform. These could be applied as a strong part of a well-thought-out security strategy. But a flashy box-product bought at Staples is not a "strategy."
|
|
|
02-05-2006, 12:08 AM
|
#66
|
Member
Registered: Jan 2004
Location: the abyss
Posts: 209
Rep:
|
If you're encrypting the hard drive, don't forget to encrypt the memory. Data can be retrieved from RAM after power is lost to the system (shutdown etc), and even possibly after the data has been written over. And of course data can easily be retrieved from many file systems after being deleted.
I'm sorry to see the amount of misdirection and misinformation in this thread. The purpose of this thread was not to find out if Windows is as secure as Linux, but to find a security solution on Linux that disables any retrieval of certain information after the physical seizure of a computer.
Some here have mocked good encryption algorithms by saying the more security you implement the more security "they will just crack". This is incorrect. It would take a week on a supercomputer and some good luck to break the heavy encryption algorithms you can utilize to encrypt a file system. Anyone who authorizes to take your computer by law (I'm not disputing the constitutionality of the Patriot Act and the executive eavesdropping order) will obviously be paying someone else to take the information off your computer. They will definitely not spend a week (or, from their point of view, undefined amount of time) breaking encryption, unless you have left an easy (careless) security loophole for them.
It has already been said in this thread that your current security solution can be achieved in Linux. However, I have not seen a comparable ALL-IN-ONE security solution for Linux. It is not necessary to have an all-in-one security solution if you are willing to spend a little time "tinkering" with a Linux box.
As for fingerprint authentication for your computer:
Anyone with the resources to retrieve data off your computer can easily take your fingerprint off the coffee cup you threw away at 7/11 last Saturday. Fingerprint authentication won't add to the security of your computer if the government is involved.
Memorize a pattern on your keyboard that will easily allow for a 20 character password. You do not want the weakest link in your security exploited.
|
|
|
02-05-2006, 12:27 AM
|
#67
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep: 
|
I'm not sure the Linux world can offer something like Drivecrypt - but since the company that puts it out made it to Bruce Schneier's Doghouse at http://www.schneier.com/blog/archive...ghouse_pr.html, then maybe that's OK...
|
|
|
02-05-2006, 12:34 AM
|
#68
|
Member
Registered: Jan 2004
Location: the abyss
Posts: 209
Rep:
|
Quote:
Originally Posted by gilead
I'm not sure the Linux world can offer something like Drivecrypt
|
After everything that has been said here...I hope that was a sarcastic comment.
|
|
|
02-05-2006, 12:41 AM
|
#69
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep: 
|
Not at all - Drivecrypt sounds like snake oil and I don't have any interest in seeing "Snake Oil for Linux (TM)".
I use Linux because it fits the business needs of my clients even when those needs are security based. No Drivecrypt under Linux? No worries mate 
|
|
|
02-05-2006, 04:08 AM
|
#70
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by Synesthesia
Data can be retrieved from RAM after power is lost to the system
|
ummm... could you elaborate please?? or were you joking??
|
|
|
02-05-2006, 01:16 PM
|
#71
|
Member
Registered: Jan 2004
Location: the abyss
Posts: 209
Rep:
|
Well, I have some experience retrieving from hard drives, but not memory. I was also surprised when I first learned about this, but now I have read about it some, and it seems to be completely reasonable. Why do you think the Linux folk would add support for encrypted ram drives if they were completely useless?
Last edited by Synesthesia; 02-05-2006 at 01:18 PM.
|
|
|
02-05-2006, 04:51 PM
|
#72
|
Member
Registered: Jan 2004
Location: the abyss
Posts: 209
Rep:
|
If the thread starter ever comes back:
http://www.remote-exploit.org/index.php/Encrypted_EFS
That will be more secure than your drivecrypt.
And it's basically an all-in-one guide [-_o].
|
|
|
02-06-2006, 01:51 AM
|
#73
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by Synesthesia
Well, I have some experience retrieving from hard drives, but not memory. I was also surprised when I first learned about this, but now I have read about it some, and it seems to be completely reasonable. Why do you think the Linux folk would add support for encrypted ram drives if they were completely useless?
|
okay, but how about some links so that we can also read-up on this very interesting topic??
|
|
|
02-06-2006, 04:54 PM
|
#74
|
Member
Registered: Jan 2004
Location: the abyss
Posts: 209
Rep:
|
I would have definitely posted the links if I still had them. I just did a quick search without any luck, and since it's been a while I'm also still interested. It was about data retrieval from the memory, and it (might have been security ebooks, not the web, sorry I don't remember right now) did mention retrieval after power is lost to the memory. Let me know if you find any internet references.
Last edited by Synesthesia; 02-06-2006 at 04:55 PM.
|
|
|
02-06-2006, 09:45 PM
|
#75
|
Senior Member
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168
Rep:
|
Quote:
Originally Posted by TruckStuff
After reading this entire thread, I think I can safely say that the answer to your question is no, there is no tool publicly available for *nix that meets all of the criteria you have stated.
|
There's nothing for Windows that does either. Everything he's done can easily be defeated by anyone with physical access to the PC and this little device from ThinkGeek:
http://www.thinkgeek.com/gadgets/electronic/5a05/
Like others have said, security is a process. If you're unwilling to follow good security procedures/practices no amount of fancy hardware or software will save you, regardless of OS.
|
|
|
All times are GMT -5.