[SOLVED] How can I keep my data secure if I take my laptop to a repair shop?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How can I keep my data secure if I take my laptop to a repair shop?
Hi there~
My linux-os laptop has a graphical hardware issue and I need to take it to a repair shop to this diagnosed. I've created an alternate user account for the repair person to login under- is this sufficient to ensure the security of my data, or should I do something more?
My initial assumption was that by doing this, the repair person (logged in under this alternate 'child account') would be unable to access any home drive information in my original 'parent account'. However, I read someplace that new user accounts, by default, are established with 'world-privileges', which I'm unclear on. Does this mean that the user would only have full privileges *within the new account they're logged into*, or that they would have access to the home-drive information of all other user accounts existing on the computer?
Thanks for any advice!
There is also the possibility that he could boot to a live Knoppix disk, and mount your partitions with root privileges to get to any data he wanted. Unless you've encrypted your data, I wouldn't rely on it being safe.
I use gpg for encryption, LUKS may be more appropriate though. When my laptop needs warranty service, I wipe the hard drive by deleting and recreating the partition table, and reformatting.
roger_heslop:
There is also the possibility that he could boot to a live Knoppix disk, and mount your partitions with root privileges to get to any data he wanted. Unless you've encrypted your data, I wouldn't rely on it being safe.
Basically this. I would also encrypt my /home if you wanted it to be safe. I personally use Truecrypt but like roger_heslop said, there are quite a few out there.
As for giving users "world privileges" depends on your Linux distro. Some like Ubuntu (as far as I know) will do this hence they can just "sudo apt-get install [package]" but in other Distros such as Slackware, you would have to assign the group to the user in order for that user to have certain privileges.
In ubuntu, the first user will have sudo privilege and subsequent users will not unless it is explicitly granted. My first thought was you could change the permissions on the /home/your-user-name to turn off read access for others to prevent them from browsing your PC. As others have pointed out, they could simply bypass this by using a live cd.
Your two options would be to either encrypt information you don't want viewed. Ubuntu supports this with the 'private' folder which is decrypted when the user account is logged in. Otherwise, the next best option would be to purchase a small HDD and replace the drive. Remember the old axiom, physical access equals root access. This is one of those cases where this philosophy is true.
While a reputable place won't look through your HDD, you have no guarantee of the person's morals. They may even justify their actions claiming that they are looking for illegal activity to report to the authorities.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.