From 45d5e9d1984971edb6e8a3887cd796a0aa09874e Mon Sep 17 00:00:00 2001 From: arcanedev Date: Wed, 11 Aug 2021 22:31:25 +0000 Subject: [PATCH] Formatting --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b77c97a..e211191 100644 --- a/README.md +++ b/README.md @@ -438,9 +438,9 @@ For instance, create a function for mounting your encrypted drive, closing out a As previously noted, secure deletion is generally impossible on SSDs. Also, any bad sectors on a drive (SSD or HDD) cannot be securely erased by software. Such bad sectors must be erased physically. Kali and Parrot include a LUKS "nuke" feature which erases the LUKS headers. This can be used to ensure an encrypted drive cannot be decrypted, even if your password can be broken. This feature can also be installed on any Linux-based OS. Installation of the LUKS nuke feature may conflict with Secure Boot on OSs which don't support it by default. -With the Bourne Again Shell (BASH) built into GNU/Linux systems, you can create simple functions that will perform these tasks. ([See Appendix A](#appendix-a) +With the Bourne Again Shell (BASH) built into GNU/Linux systems, you can create simple functions that will perform these tasks. ([See Appendix A](#appendix-a)) -Paste the text from Appendix A inside a text file > Rename the script to script.sh > Run "chmod +x script.sh" to make the script executable > Now all you must do is open a terminal and type "./script.sh" and do your will. +Paste the text from Appendix A inside a text file > Rename the script to script.sh > Run `chmod +x script.sh` to make the script executable > Now all you must do is open a terminal and type `./script.sh` and do your will. That wasn't so painful now, was it? Some of this efficiency does come with a high price to be paid; obscurity and cryptographic security are harmed in the production of this script. The script would give away your PIM number for your encrypted drive. This gives investigators one less field to guess in the decryption process. As for obscurity, it becomes evident which keys are being used and which hidden volume is being decrypted. Kiss your plausible deniability goodbye. To retain some of the obscurity, one could create multiple dummy scripts, one for each volume, and even create scripts for volumes that don't actually exist. Take a mental note at the specific script needed for execution, and the varying duplicates will add to the case's confusion.