Dual boot with any Linux and Windows 7/8 having UEFI

[sammy2fish]

YouCanToo...

Well my previous motherboard died on me in the fall of2012.  It and it's "buddies" were 4 years old.

So I had to buy a new board, chip & ram.  Board (Gigabyte ga-b75m-d3h), cpu (i5 3330), ram (2) 4-gig matched sticks.

The tower is still a CoolerMaster Centurion, and 600-watt CoolerMaster power supply.  Two optical drives that are seldom used.

I hope this will last me for the next 4 years.

[zacharysonicfast]

Ok, I put in the dvd and restarted the computer. I installed linux to a second hard drive.

Linux worked fine.

When starting windows 7, windows refused to start and popped up the part that makes me reformat and reinstall windows without any other choices.

Windows worked but after that Linux didn't and couldn't boot.

I am using a brand new asus laptop with i5 cpu. I have no idea what motherboard or other hardware descriptions it has.

The only way I get to use Linux is to remove the windows drive, plug in an external drive, install linux to that drive, shut down the computer and reinstall the windows drive, unplug the external drive and boot windows.

If I want to use linux I have to have the computer off, plug in the external drive, boot the computer, select the external drive to boot from. If i make a mistake and forget to unplug the drive while windows is booting, windows will force a reformat and reinstall every time.

The only version of linux I can leave attached is puppy linux because it seems it doesn't set a boot flag or use a non-windows partition.

I even tried making a permanent linux swapfile partition so I could use a dvd or flash drive with faster performance. Windows refused to start until I reformatted and reinstalled windows or removed the 'unauthorized' partition. It seems that windows wants only windows on the computer.

I hate UEFI...

I won't touch the windows drive at all, for warranty reasons.

You are telling us a story about what you think is happening with nothing supporting it. How about a step by step with real information like exact error messages, and what your grub entries for both Windows and Linux are. Many others have dual boot systems with Windows and Linux and don't experience what you claim, and it's hard to verify anything if you report only after you've destroyed all the evidence.

Install Linux, then boot into it, and post here when that is done. We will have questions that can only be answered if you can run the commands we give, and those commands must be given from a running installed Linux system.

I cannot post screenshots for obvious reasons.

PCLOS and any other linux works great, until I try to go back into windows7. The error says somethng like windows detected(can't remember exactly) and only gave me a choice to repair windows. Repairing actually did a full R/R, thus leaving linux unbootable.

I tried just simply putting a linux swapfile partition on a flash drive, leaving the drive in, and started windows. Again, windows forced a reformat & reinstall every time until I got rid of anything linux related, except puppy linux.

I will probably just pull the win7 drive out, disable uefi in bios, install an ssd, format it to ext3, install pclos if it will let me. 64gb ssd should be plenty for linux. I can always use an external usb hard drive to save anything too big or too much stuff. I just surf the internet, check emails, and play some flash games. Once in a while a youtube vid or d/l something.

I only needed windows so I could use my usb internet device. The device is too new for linux to support it yet. I just have to suffer without having internet anywhere but a public wifi.

Also, the intel 4000 (?) video card isn't fully supported by linux yet either. I can only get pclos to work in 800x600 mode.
But linux Mint 13 does not have this issue (It does have issues with forcing the system clock exactly 6 hours into the future every time you reboot though).

I don't want to fool with windows or the drive it comes on. If I ever wanted to sell the laptop I can't get much for it without windows on it.

A question though - is there some way to securely erase a used ssd drive totally before installing Linux on it? I mean every bit of info so that none of it can be recovered? It used to have ntfs and windows xp on it. I dont know what else was on it but I surely do not want to take chances.

[Just17]

A question though - is there some way to securely erase a used ssd drive totally before installing Linux on it? I mean every bit of info so that none of it can be recovered? It used to have ntfs and windows xp on it. I dont know what else was on it but I surely do not want to take chances.

The manufacturers often supply a means of doing so .....  check the manufacturer's website.

[zacharysonicfast]

I just switched hard drives. Pulled win7 out and put in an ssd with mint 13 on it.
There is one feature Mint13 has that none of the others I tried seems to have - in the networking I can select RANDOM (a button) to give me a random MAC address without having to type one in.
This is great for anonymity and easy to use.

As soon as the internet where I am gets fixed I will download pclos again and see if it has the features I need for use on a laptop and to keep me anonymous.

I also disabled UEFI in BIOS to ensure that the drive and linux mint worked. And it does flawlessly.

I just do not have the capability to use mobile wireless now. But I might have a way around that problem. A hassle but I can do it. And it does not involve trying to get linux to work with it either.

Side note: With the recent massacre in a US School, the internet is flooded with people online trying to read about it.
This will make things a bit slow so that might make me have to wait to d/l much of anything.
I feel bad for the parents and kids. All because of a lack of security. If the schools were to treat entrances like courthouses do then perhaps this would not have happened. And the families could have had a wonderful christmas or other holiday festivities. I do wonder why he targeted the staff as well as the kids. The press and others aren't telling the whole story.

[NoMicrosoft4ME?]

A question though - is there some way to securely erase a used ssd drive totally before installing Linux on it? I mean every bit of info so that none of it can be recovered? It used to have ntfs and windows xp on it. I dont know what else was on it but I surely do not want to take chances.

I do not want to intrude, but have you looked at BootAndNuke?  www.dban.org  I am not sure about ssd drives, but it seems to work on other hard drives.  Hope it helps.

[zacharysonicfast]

I looked at dban. Thanks.

SSD's can be overwritten numerous times like a hard drive to erase info. But it is a slow process.

Evidence Eliminator used to be 100% secure in it's erasure due to magnetic underwriting. I am not sure the new version still does it nor if it works on ssd's.

EE also used to clean the file slack with mag underwriting too.

I read somewhere that there are rootkits that can survive disk erasure. Hmmm....

[zorlac]

Do you work for the NSA or something? 

[zacharysonicfast]

LOL no. I am trying to slow or stop a stalker. There is nothing law enforcement can do *until* they break another law. By then it could be too late for me and my family.

Loads of traces can be found on someone's hard drives. If you use a used one like I am doing there could be traces of bad things on it that I can't explain.
Remember, a civil court can do the same things as a criminal court - analyze your hard drive and burn you for things that used to be on it just for someone else to use against you.

I don't want to be responsible for things that could be on a used hard drive either.

If I were that paranoid I would just use a run from cd/dvd version of linux. Nothing wrong with wanting to be careful.

I am using Linux Mint at the moment. I want to go back to pclos but it isn't ready enough to support my hardware yet. So I am patient and will wait for Texstar to get around to it.

Ok, back to security - let's say you did online banking. Let's say you thought you deleted and erased everything.
Let's say you sold your laptop or hard drive to someone else or just tossed them.
A bad guy could get it, analyze the remains and possibly find something useful that could cause you problems.

Let's say you had a stalker after you. It is not hard to determine your location based on hardware ID's, MAC address, IP address, etc.
So, to help protect yourself you need to know how to anonymize your activity in such a way that they cannot directly locate you.
You would surely want to have the upper hand and take proactive steps to protect yourself and family.
The government can still find you because of police powers. I am not hiding from them, but do want to make it so that I know about what is going on. And want to have control over any information they get. We all know how the government loves to twist things around. And when they do that it can cost you everything you have trying to defend yourself.
All a stalker has to do if they have no other choice is to file a simple criminal charge against you or maybe a civil suit of some sort and a right of information. Any charge, no matter how small, whether it is true or not. Once they have you in the clutches of the judicial system you are at their mercy. Law enforcement won't do a man hunt but will take you into custody at their earliest convenience. If you have your laptop with you like many people do, they can do anything they want to it to add additional charges against you, whether any gleaned data is yours or not. Even if you can be found not guilty or case dismissed, the damage is already done. You have a criminal record (arrest record) that can haunt you the rest of your life. Some tell me to get a gun. I don't want to do this and shouldn't have to. I am not sure I could even use it if I had to. I don't want to hurt anyone. I just want to be left in peace.

None of this has anything to do with the topic though.

I wanted to dual boot win7 with uefi so I can use a cheap internet cash paid for service that can be done anywhere type mobile wireless device and some flavor of linux when using wifi but it cannot be done without windows making me reformat and reinstall windows, thus leaving linux impotent.

I hope that pclos will come up with a point and click feature like mint13 has that you can click on to randomize your mac address. This is a great way to toss a wrench into the works and protect yourself.

I looked at gparted and didn't see any option for making a uefi partition either. Nor any way to make the reserved microsoft partition.

Maybe pclos could have the default install set for encrypted partition and auto detect an ssd and instill the necessary trim command?

More on security - you can get and use an IRONKEY with TAILS on it if necessary, and connect via the TOR network using either a German or Russian proxy server. Those do not honor information requests by the us unless it is terrorist related or some other high crime. Even then the diplomatic red tape will take a while.
IRONKEY self destructs if anyone tries to analyze it directly. And x-rays, electron microscopes and such are useless due to the design.
This is a great item for sensitive corporate secrets too.

Oh, file slack bits can be of value to snoopers. Even linux has those like windows does.

SSD's can be analyzed down to 4 levels deep I think. Even fire cannot destroy them unless it is hot enough and long enough.

But a tazer might work though....

Here is something you might want to see - look up NSA keys. They have been around since win95...

[Just17]

When you find a real-world example of files being recovered in a human readable form, from any HDD, manufactured in the last 10 years, after that drive has been overwritten even once with zeros, 1s, or a random combination of 1s & 0s, please post the link.

Without a real-world example, it hasn't happened. 

[zacharysonicfast]

I might be able to find something but this is sufficient enough for me to be worried:

http://en.wikipedia.org/wiki/National_Industrial_Security_Program

Look under Data sanitization

"As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable."

That applies to traditional disks. SSD's and flash drives require a slightly different approach.

In Windows, small files can be kept in the MFT instead f the normal portion of the hard drive.

Sometimes, if the opponent spends enough money, an electron microscope can glean data even after wiping.

Evidence eliminator uses a procedure called magnetic underwriting whereby not only is the drive zeroed it also magnetically underwrites the entire disk to polarize any remnants that could remain.

SSD and such still require a little different approach.

The technology to reconstruct portions of usable data has been around for over a decade.

Since real life cases containing procedures and listing of methods are hard to come by you can be sure that those do exist. Otherwise companies wouldn't try to sell tools to ensure 100% erasure of even the smallest amount of data.

At one time Norton had a means to directly view and alter data directly on the platter. I used this years ago to get rid of a nasty virus that wouldn't go away.

I could see bits and pieces of data even after a low level format. Enough to be able to see (guess) what was there. But not all the data was evident.

Data contained in file slack is there unless you delete and zero out the file, and sometimes even then.

Here is a link that talks about forensic cleaning of disks:

http://www.x-ways.net/winhex/forensics.html

This one explains a bit on how the FBI gets zeroed information:

http://wiki.answers.com/Q/Can_data_be_recovered_from_a_zero-filled_hard_disk

And if you want to 'zero' a flash or ssd drive then you are doing it the wrong way. 1st you write all 1's, at least 4 or more times. That will make it quite difficult to glean data.
But not impossible.

Here is a machine that can erase a disk as well:

http://www.veritysystems.com/degaussers/nsa-approved-degausser.asp?gclid=CPuS8tvmqbQCFQioPAodPkIATw

And those are but a scant few ways that data can be recovered.
You don't need to know the specifics on how it can be done but you DO need to know how to ensure that data cannot be read.

Tons of information can be obtained simply by reading 'between the lines'.

Data can be stored for HOURS in your computer RAM too, even with the power disconnected. And can easily be copied at most police labs and many high end private investigator labs.

The next generation of RAM will indefinitely store what is in it (presumably) for speedy boots and restarts. Of course this will leave you vulnerable if someone takes your computer.

A sophisticated way to circumvent data recovery is to encrypt everything, including what gets put into ram.

Also, did you know that companies are trying to use cross browser cookie theft to obtain your info?

If you have say chrome and firefox on your rig, a sneaky javascript can scan the other's cookies and tattle back to whomever wants them?
This is not to say that there are any real world examples, but it is entirely possible and they are working on a way to do it.

Eventually, all of this will go by the wayside in favor of cloud computing. You will only have a 'terminal' (e.g. cell phone, tablet, etc) and everything will be stored in the cloud for whatever nefarious reasons someone would ant it for.

There won't be any such thing as an operating system for people. You use what they give you and you have to be happy if you want to or not. You will have no control over your data, nor who does what with it.

Right now, can you be 100% certain that no one, anywhere, has ever looked at any of your browsing habits or data?

You can't. No one can.

So, in the meantime, try to CYA as much as you can. Someone out there is wanting everyone's data.

They make loads of money off you and you don't see a dime of it.

Ever do a search on yourself online?

Zabasearch and Spokeo both have a lot of information on people. And if you sign up and pay for premium services they add all your info to their data base as well, to sell to someone else.

It is called data brokering. They want it, you got it, and if they can get it for nothing, they will sell it.

We will need to start a new thread if we want to continue. I enjoy discussing security...  :-)

Note: It is entirely possible to have unnecessary data stored into the uefi sector of a hard drive. Only Microsoft knows for sure....

[zorlac]

"Even fire cannot destroy them unless it is hot enough and long enough."

I dunno, but an acetylene torch or a metal cutting bandsaw oughta do the trick. 
We'd put stuff on the freight train tracks as kids, that was fun, kinda makes it real flat. 
Hope I never get this paranoid. 

[zacharysonicfast]

LOL. I wish I didn't have to be this way either. But facts are facts unfortunately.

A torch can do it if you used it on all parts. But not everyone has access to that kind of torch. Why destroy a good drive when you can sell it or give it away? Seems wasteful.

A hammer or bandsaw won't because they can get info off the remaining parts.

A train might work nicely, but not everyone is near a train, and you have to be certain that all parts are squashed. But even with that, a tiny piece containing the wrong info could remain.

When I mentioned fire, I was referring to tossing one into a fire. Tossing into a smelter is the perfect way to eliminate everything.

All it takes is one case of mistaken identity, the police do forensics on your computer, and you got some big lawyer bills to pay.

Of course, data can be reconstructed from your internet activity as well - look up FBI Carnivore for one example.

The Patriot Act, albeit unconstitutional on numerous fronts, requires ISP's and others to keep all activity for at least 2 years for casual law enforcement access.

To quote a popular tv show - 'resistance is futile, you will be assimilated' seems rather eerie when it begins to parallel real world things.

All it takes is one trojan to put illegal content on your computer and you are guilty unless you can prove otherwise.

Who knows what the previous hard drive owner had on that drive before someone gets it.

I wonder if reformatting an ntfs partition into a linux partition could scramble things enough. Prolly not.

[Just17]

This post needs some detailed responses, because from what I have read it is full of innuendo and possibilities, without one iota of fact in answer to my question .....  which was to supply one .....  not many, only one .....  example of human readable data being recovered from a zeroed HDD.
You failed to provide any at all.

I might be able to find something but this is sufficient enough for me to be worried:

http://en.wikipedia.org/wiki/National_Industrial_Security_Program

Look under Data sanitization

"As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable."

What is 'acceptable' is not an indication of anything except a requirement by officialdom whose employees are covering their collective ass.

That applies to traditional disks. SSD's and flash drives require a slightly different approach.

In Windows, small files can be kept in the MFT instead f the normal portion of the hard drive.

Sometimes, if the opponent spends enough money, an electron microscope can glean data even after wiping.

I see .....  how many people are you aware of that have access to such machinery?

Of those how many have used the machinery to recover data from a zeroed HDD?

If anything was recovered, how much of it was in human readable format?

Evidence eliminator uses a procedure called magnetic underwriting whereby not only is the drive zeroed it also magnetically underwrites the entire disk to polarize any remnants that could remain.

SSD and such still require a little different approach.

The technology to reconstruct portions of usable data has been around for over a decade.

Since real life cases containing procedures and listing of methods are hard to come by you can be sure that those do exist. Otherwise companies wouldn't try to sell tools to ensure 100% erasure of even the smallest amount of data.

That is the most illogical statement I have read in ages!

First of all there are NO real life cases of files being recovered, so it is impossible to 'come by' any method or procedure to do so.

Companies will sell anything they can persuade you to buy. That they do so is an indication only of their primary purpose .....  to make money for their owners/shareholders.

At one time Norton had a means to directly view and alter data directly on the platter. I used this years ago to get rid of a nasty virus that wouldn't go away.

Obviously the data had not been overwritten!

Irrelevant to the situation where a HDD has been zeroed!

I could see bits and pieces of data even after a low level format. Enough to be able to see (guess) what was there. But not all the data was evident.

Obviously your 'low level format' did not overwrite all the disk!

Data contained in file slack is there unless you delete and zero out the file, and sometimes even then.

Here is a link that talks about forensic cleaning of disks:

http://www.x-ways.net/winhex/forensics.html

This one explains a bit on how the FBI gets zeroed information:

http://wiki.answers.com/Q/Can_data_be_recovered_from_a_zero-filled_hard_disk

And if you want to 'zero' a flash or ssd drive then you are doing it the wrong way. 1st you write all 1's, at least 4 or more times. That will make it quite difficult to glean data.
But not impossible.

Here is a machine that can erase a disk as well:

http://www.veritysystems.com/degaussers/nsa-approved-degausser.asp?gclid=CPuS8tvmqbQCFQioPAodPkIATw

And those are but a scant few ways that data can be recovered.
You don't need to know the specifics on how it can be done but you DO need to know how to ensure that data cannot be read.

A degausser will indeed wipe a disk, I never suggested otherwise.

"As the drive is formated all ones are converted to zeros. In this process new zeros replace the older ones but the older zeros remain "in place". This causes magnetic fields of slightly diffrent intensities on the surface of the disk i.e., the magnetic field of older zeros is of lesser intensity then that of the newer zeros. This change can be read by special equipment under special conditions . This is how FBI recovers data from a ZERO-FILLED hard drive."

This is purely speculative and nothing else.
It also appears to assume that older zeros are not written to with a fresh zero.
Anyway that is immaterial.

Take any individual bit of the disk, which has been written to many times during its lifetime.
If that bit is logical zero before being zeroed again, it will still contain 'some' residual magnetism from previous 1s.
It is not possible to determine with any accuracy, whether the residual magnetism that is detected is a remnant of the last write before being zeroed or a previous write to the last.
So now consider millions of such bits, and the fact that most which have been previously used are 'indeterminate', the possibility of recreating a file from such bits is as near impossible as you will ever likely find.
Now consider that you have millions of bits, containing maybe tens of thousands of files, and no indication where any file begins, and no certainty that any particular bit was previously a 1 or 0.

Add all that to the fact that the machinery for examining a disk in such a manner is not what one could call 'common'.
It certainly would not be available to anyone except 'officialdom' ......  and they would make use of it very very sparingly due to the cost and uncertain results.

There is no recorded instance of the results of such an examination being used in ANY court case against anyone.
 
Yet again .....  no example of success is available.

Tons of information can be obtained simply by reading 'between the lines'.

Do you seriously believe this nonsense?

Data can be stored for HOURS in your computer RAM too, even with the power disconnected. And can easily be copied at most police labs and many high end private investigator labs.

The next generation of RAM will indefinitely store what is in it (presumably) for speedy boots and restarts. Of course this will leave you vulnerable if someone takes your computer.

A sophisticated way to circumvent data recovery is to encrypt everything, including what gets put into ram.

It is easier and less costly, as well as more certain to break encryption.

If you really want to hide files from 'officialdom' then encrypt everything AND zero the drive!

Also, did you know that companies are trying to use cross browser cookie theft to obtain your info?

If you have say chrome and firefox on your rig, a sneaky javascript can scan the other's cookies and tattle back to whomever wants them?
This is not to say that there are any real world examples, but it is entirely possible and they are working on a way to do it.

Eventually, all of this will go by the wayside in favor of cloud computing. You will only have a 'terminal' (e.g. cell phone, tablet, etc) and everything will be stored in the cloud for whatever nefarious reasons someone would ant it for.

There won't be any such thing as an operating system for people. You use what they give you and you have to be happy if you want to or not. You will have no control over your data, nor who does what with it.

Right now, can you be 100% certain that no one, anywhere, has ever looked at any of your browsing habits or data?

You can't. No one can.

So, in the meantime, try to CYA as much as you can. Someone out there is wanting everyone's data.

They make loads of money off you and you don't see a dime of it.

Ever do a search on yourself online?

Zabasearch and Spokeo both have a lot of information on people. And if you sign up and pay for premium services they add all your info to their data base as well, to sell to someone else.

It is called data brokering. They want it, you got it, and if they can get it for nothing, they will sell it.

We will need to start a new thread if we want to continue. I enjoy discussing security...  :-)

Note: It is entirely possible to have unnecessary data stored into the uefi sector of a hard drive. Only Microsoft knows for sure....

When you link to an actual instance of human readable files being recovered from a zeroed HDD, we will have something to discuss.


I will make your task even simpler .......  find one ....  yes only one .....  commercial service that offers to reliably recover files from a HDD that has been zeroed with only ONE pass.

Hint:  You won't, because it cannot be done 

If it could you can be sure there would be some organisation offering to sell you the service.


Before I posted I decided to do a search for "recover zeroed HDD"  and this was the first link provided

http://www.h-online.com/newsticker/news/item/Secure-deletion-a-single-overwrite-will-do-it-739699.html

This was the second

http://hostjury.com/blog/view/195/the-great-zero-challenge-remains-unaccepted

http://16systems.com/zero/index.html

[zacharysonicfast]

Doubtful that the government will admit they can do it. But if I get the time and the friggin internet where I am will stay connected I will see what I can find.

Thanks for the links.

[zacharysonicfast]

If it was dubious then why are there so many articles on the internet stating what I said is entirely possible?

http://www.theregister.co.uk/2011/02/21/flash_drive_erasing_peril/

You would have to get them to divulge their sources apparently.

For me, I do not want to take any chances. All it takes is one time to cause problems.

http://www.tomshardware.com/forum/244694-32-does-filling-delete-data

"A simple zero-fill (one pass) will be enough to make sure that no software can recover anything, but the CIA/NSA can take the drive apart in their labs and recover from a zero-fill pretty easily. "

And so can many others who have the right equipment.