This setup lets a user choose between using a secure encrypted system or the default unencrypted system. To switch from insecure to secure the user has to merely mount the encrypted SD drive. No need to login as a different user. We take advantage of Firefox, Thunderbird, Pidgins ability to point to different profiles. As such setting up the secure profiles is the only complicated step but the trade off is that one can use secure or insecure programs quickly. This is most useful for users that want to be able to take their encrypted data (mail, profiles, work etc) between multiple PC's or someone that wants the option to have their encrypted data in their pocket when the laptop is left at home.

This setup is based on a EEEPC 701 4G Surf, German edition. We use the default Xandros setup but with the following additions:

• Truecrypt (encrypted partition on external SD)
• Pidgin (with OTR for encrypted Instant Messaging)
• Firefox 3 & Tor (for anonymous routing)
• Thunderbird & GPG
• Yakuake (the quake style console)
• scripts for proper backup
• fan control
• Python 1.5,2.4,2.5
• wine (running simple windows apps)

I use the Yakuake console as my main interface. So, leaving the default graphical interface in Easy Mode or switching to advanced was not important. I chose to leave it in Easy Mode just to retain greater compatibility with the default setup.

most steps are run from the command console. hence:

• press <ctrl>+<alt>+t to open a command console.

• run: sudo apt-get update
• run: sudo apt-get install dist-upgrade

NOTE: if for some reason you ran the language change step before this one the dist-upgrade will fail when trying to install “voice-command-de”. To get past this uninstall voice-command: sudo apt-get remove voice-command

• run: /opt/xandros/bin/locale-change

Both the SD bus and the CPU are bottlenecks for this setup. In following with instructions from Overclocking the Front Side Bus (FSB) to 100 MHz with a Linux kernel module:

• run: wget http://kibobo.free.fr/EEE/acpi/eee.ko
• run: mv eee.ko /lib/modules/`uname –kernel-release`/kernel/drivers/acpi
• run: depmod -a
• add “eee” to the bottom of the list of the /etc/modules file. also add the “i2c_i801” module there as well, above “eee”.

The modules should load now on restart. For troubles, refer to Overclocking the Front Side Bus (FSB) to 100 MHz with a Linux kernel module

to use and overclock:

• download the change script: fsb.txt.gz
• run: gzip -d fsb.sh.gz
• run: sudo chmod 755 fsb.sh
• run: sudo mv fsb.sh /usr/bin/fsb
• run: fsb

• sudo apt-get update && sudo apt-get install libfuse2 fuse-utils
• wget http://ftp.linux.hr/asuseee/xandros/binary/truecrypt_5.0-1_i386.deb
• sudo dpkg -i truecrypt_5.0-1_i386.deb
• rm truecrypt_5.0-1_i386.deb

IMPORTANT: rc.shutdown: truecrypt -d (unmount) and unmount the SD when using. Or see Proper unmount of external drives for scripts and details, or the section on system script setup in this page.

The Truecrypt article has more indepth detail. Also, here.

Install a Newer Version of Pidgin details both how to compile or install from repository. Compile is more future proof, but rep is more time proof. Consult the doc if you want to compile. here is how to add and use the repository:

• edit /etc/apt/sources.list and add: deb http://updates.xepc.org/ p701 main
• run: wget -O - http://updates.xepc.org/dists/p701/xepc-pubkey.txt | sudo apt-key add -
• run: sudo apt-get update
• run: sudo apt-get install pidgin-otr

Check version: dpkg -l pidgin

• run: wget http://ftp.linux.hr/asuseee/xandros/binary/yakuake_2.8.1-1_i386.deb
• run: sudo dpkg -i yakuake_2.8.1-1_i386.deb

• run: sudo apt-get install thunderbird
• run: sudo ln -s /opt/thunderbird/thunderbird /usr/bin/.
• wget https://addons.mozilla.org/en-US/thunderbird/downloads/file/35512/enigmail-0.95.7-tb+sm.xpi?type=application/octet-stream
• open the file in thunderbird

from http://ftp.linux.hr/asuseee/xandros/binary/: rar, ntfs 3g, nmap add debian sources: sudo vi /etc/apt/sources.list add: deb http://ftp.us.debian.org/debian/ stable main contrib non-free good for wireshark, wine

Truecrypt, FSB overclock

Running a script at startup edit /usr/bin/startsimple.sh add lines just before: ”/opt/xandros/bin/AsusLauncher &”

make encrypted drive on SD mkdir inside user home dir for encrypted mount make a script on the encrypted drive which sets up the following aliases: EXT=$HOME/enc alias enc_firefox3=“firefox3 -no-remote -profile $EXT/” alias enc_pidgin=“pidgin -m -c $EXT/” alias enc_thundrbrd=“export GNUPGHOME=$EXT/.gnupg/ && thunderbird -profile $EXT/.thu nderbird/?????????.default/”

add script to default users .bashrc: if [ -f /home/user/enc/etc/shortcuts ]; then

 .  /home/user/enc/etc/shortcuts

fi

…