[HacktionLab] Steam Deck encryption

[Ben Green]

Hi all,

I went through a process of getting my Steam Deck secure enough to use 
as a portable system. It doesn't come with any encryption at all. 
Getting data from it would mean putting undoing a few screws and 
removing the SSD. I started on a set of scripts to:

 1. Create an encrypted swap partition.
 2. Mount that as a swap.
 3. Create an encrypted file partition.
 4. Mount the file partition on all the sensitive places of the
    /home/deck home using bind mounts

Here's what you can't do on the Steam Deck that would be useful.

  * Use overlayfs (it's already used to mount the imuttable root
    underneath the home directory) - might be possible to make this work.
  * Install an different OS easily (possible on the SD card but not so fun).
  * Have persistent changes on the root FS.

I'm thinking the bits I've made, which are by no means very complicated, 
might be helpful.

I think another Ben was interested in this project, so I'm putting this 
here to contact him and to see if this is of interest to anyone. Might 
bung it on gitlab if so.

Cheers,

Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20230705/74c96148/attachment.html>