My first HPR episode in ages came out last night called Mischief Managed, it's my most subversive to date. It's about how to prepare and get your netbook or laptop through the Copyright Cops employed as Customs Officers with your private data still private while at the same time being a model of cooperation.
This post is about an extension to the 3rd option, the decoy OS. While any removable media would be checked, an SD card with a /boot partition, or even just Grub on it would be an idea. The plan is to install your main OS and put either the bootloader only, or /boot onto the SD card, and install your decoy with a regular HD bootloader. If you boot with the SD card in if takes you to your main OS without asking you, if you boot with the card out it takes you to your decoy OS. Then you simply carry your SD card separately. When asked to insert it so they can check the contents, you do so after the machine is on, that way it's like any other removable storage.
It may also be an idea having the decoy as something at least familiar to the Copyright Cops too, otherwise they may see any Linux as "that's not Windows, that must be illegal" even though it's perfectly legit. Perhaps the decoy OS would be better as either Windows, or ChromeOS with a decoy GMail account. With a netbook, ChromeOS is an easy sell "I want it to be light and fast, I only use it for traveling" etc.
If you liked this post, buy me a coffee
As a supporter of Creative Commons, the contents of this site are licensed under a Creative Commons CC-By-SA 3.0 Unported license. This means you're allowed to copy, distribute, transmit, adapt and make commercial use of the work under certain conditions.
- Attribution - You must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work).
- Share Alike - If you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
Related Blog Posts
- All Sides Of The Political Divide Should Support FOSS
- Using Karma As A Deterrent
- Open Data Alliance Centre
- Linux Friendly Companies - UK
- IT Patriotism
- A Collection Of Random Errata
- How eBook Readers Can Take Off
- The Myth Of The "Lost Sale"
- Consistency
- Logical Extension To The Notification Bar In Android
Comments
HOW
would you go about accomplishing this? To be honest, I'm a recent convert from the DRM scheme that is Windows and have come to appreciate the world of FOSS. I have also faced the type of scrutiny from the joke that is TSA. A setup such as you have described would save me considerable aggravation when flying out. Thank you for any response.
Dual boot with a slight tweak
Partition your HD first and install your decoy OS first, with the /boot to the root partition of the HD. It only needs a few GB and it's easy to keep the file manager from not making the free space obvious, perhaps a single 10gb partition would suffice. Edit the Grub menu in /boot/grub/grub.cfg as root to change the time out to 0. That way it will always select the latest kernel and never show the Grub menu.
Thunar lets you not only choose which columns to show, so you can deselect the date modified field (that way files don't stick out as being old), it allows you to hide the status bar along the bottom, so you can't see at a glance it's only a small partition, or how much is left / used.
Reboot and install your main OS onto the partitions you had planned, but don't touch the decoy OS. When it asks where to put the bootloader, tell it the root of your SD card. When you boot into your main OS, run a sudo grub-update to scan for all installed OS's including the decoy. It will rewrite the Grub menu on the SD card and keep it's current (main OS) as the default. This allows some flexibility.
This is about where the bootloader is, you can have a separate /boot instead. Many people who distro hop use a separate /boot although I've always seen it as overkill. If you prefer this option, during the install phase when you select your partitions for / /home and /swap it will include anything not specifically separated out inside /. If you choose your SD card partition and mount it as /boot that's where /boot will install to.
Now when you boot with the SD card in, it will use the Grub file from the SD card, showing both your decoy and main OS, as well as the kernels and a timer. You can clean that up if you wish, I always do. When you boot up with the SD card out, it uses the Grub from the decoy OS installed on the HD, offers no menu and boots straight into your decoy.
Make a backup of that SD card, and carry the SD card inside your camera as it's storage. If you're asked to power the PC on, make sure you do it without the SD card, it's totally separate right?
As I said in the HPR episode, the key here is to cooperate, to let them explore, to let them see without seeing. For that, the decoy has to feel like home, it has to feel lived in. If that isn't done right, it'll trigger that there may be something else that's hidden.
Another touch I'd do, is set up symlinks for things like documents, pictures etc to a NAS drive, instead of having fake documents there. Your NAS is at home of course, it's also only accessible from your home network for security, so outside of your home network, these links obviously don't work.
There's no reason why you can't multi boot with the same principle, but make sure only your decoy OS installs it's bootloader to the root of the main HD. If you multi boot, remember you only have 4 primary partitions on any physical HD, so use Extended and Logical partitions for most of it.
Every time there's a new kernel in any of your installs, part of the install process is that it will update grub. It may find the other OS's. This is not an issue while the default is the same, and the timer is still at 0. I've never seen any update change those settings, but it would be worth booting without the SD card in before you start your travels, just to do updates and make sure it boots without showing the Grub menu. If it does, nip in and bounce the timer back to 0.
You could always nip into the BIOS before traveling and switch the first boot device to HD, that way you don't have to worry about booting with the SD card in, it won't try to read it. Then nip in and revert it back to USB / SD when at your location. I'd still be carrying the SD card separate though.
Thank You!
This has proven invaluable. My company sends me on many trips abroad and the hassle of explaining exactly what GNU/Linux OSes are is a real pain. On my most recent trip out (to Sydney,Australia), I reverted my laptop to its original Windows 7 configuration (unfortunately it is required for work) and setup the entire system in the manner you instructed. Needless to say, it worked like a charm. Once again Sir, I most emphatically thank you! Please continue with your good work.
Add new comment