Sciencemadness Discussion Board

Encrypted Lab Notebook

JJay - 6-8-2017 at 18:00

Several months ago, I started keeping my lab notebook on a machine with an encrypted drive. I haven't conducted any illegal experiments, but I don't want people casually paging through it.

Since there is little purpose to keeping information on an encrypted drive with the machine running all the time, I wrote this script to shut down the machine (it's a Linux box) when the machine has been idle for more than 15 minutes. I run it every minute as a cron job:
Code:
#!/usr/bin/perl use strict; use List::Util qw[min max]; my $MAX_IDLE = 15 * 60 - 1; my $HOME = $ENV{"HOME"}; # check how long currently logged in users have been idle my $ttyidletime = `who -s | perl -lane 'print 86400 * -A "/dev/\$F[1]"' | sort --numeric-sort | tail -1`; chomp $ttyidletime; if("$ttyidletime" eq "") { $ttyidletime = 999999; } # get uptime my $uptimeo = `cat /proc/uptime`; chomp $uptimeo; $uptimeo =~ m/([0-9]+)/; my $uptime = $1; # also check time since last login my $lastlog = `ls /dev/tty* -l | cut -c36-47 | xargs -d'\\n' -l1 -i{} date -d{} +'%s' | sort | tail -1`; chomp $lastlog; my $lasttime = time() - $lastlog; # check xwindows idle time $ENV{DISPLAY} = ":0.0"; my $xidle = `xprintidle | head -1`; my $xidletime = 999999; if($xidle =~ m/([0-9]+)[ \t]+([0-9]+)/) { $xidletime = $2; $xidletime /= 1000; } system "echo 'ttyidletime is \"$ttyidletime\"' > $HOME/rebooter_status.txt"; system "echo 'uptime is \"$uptime\"' >> $HOME/rebooter_status.txt"; system "echo 'lasttime is \"$lasttime\"' >> $HOME/rebooter_status.txt"; system "echo 'xidletime is \"$xidletime\"' >> $HOME/rebooter_status.txt"; my $idletime = min($ttyidletime, $uptime, $lasttime, $xidletime); if($idletime > $MAX_IDLE) { system "echo /sbin/shutdown -h now >> $HOME/rebooter_status.txt"; system "/sbin/shutdown -h now"; } else { system "echo idletime is not high enough >> $HOME/rebooter_status.txt"; }


I've been thinking it would be good to add an extra layer of security by using an editor that allows modifying PGP-encrypted files in place, but for my purposes, that's probably overkill. I've also considered that it might be useful to register parts of it in a blockchain if I were to discover something patentable. And I would like to be up to date on all the latest tinfoil hat technology :) Am I the only one who keeps an encrypted lab notebook? What do you do to keep your lab notebook secure?

[Edited on 7-8-2017 by JJay]

Metacelsus - 6-8-2017 at 18:16

I've got full-disk encryption set up on my computer. Besides that, the lab notebook file itself isn't encrypted in any special way. I haven't done any home science in a while (since I've been working in university research labs), so I don't use that notebook very much.

Texium - 6-8-2017 at 20:14

I really don't see the point of encrypting a lab notebook unless you're doing something illegal. I mean, my blog is essentially a copy of my home chemistry lab notebook. Publicly available. Other than that I just do things the old fashioned way and write up my experiments in a physical notebook, the contents of which I'm happy to share with anyone interested.

And it's just my opinion, but I feel like if you truly have nothing to hide, JJay, your paranoia is only creating a self-fulfilling prophecy by making you look suspicious...

Loptr - 6-8-2017 at 20:24

Yeah, no need to go to all that trouble to hide your lab notebook. What is in there that isn't already available by access to the lab itself. It's not like the physical lab gets locked up into this encrypted drive when the script executes.

What are you really gaining/accomplishing other than tending to fantasies? If it's casual observation that you are concerned about then a simple locked drawer would suffice.

JJay - 6-8-2017 at 20:42

Quote: Originally posted by zts16  
I really don't see the point of encrypting a lab notebook unless you're doing something illegal. I mean, my blog is essentially a copy of my home chemistry lab notebook. Publicly available. Other than that I just do things the old fashioned way and write up my experiments in a physical notebook, the contents of which I'm happy to share with anyone interested.

And it's just my opinion, but I feel like if you truly have nothing to hide, JJay, your paranoia is only creating a self-fulfilling prophecy by making you look suspicious...


Your opinion is noted, but I respectfully disagree. I would suggest that this is a topic of interest to many people on this board, and it was posted in the non-chemistry section. You don't like discussion of encryption in the non-chemistry section?

Case in point. If I had done this, I would not be wanting people to casually stumble across it: https://texium.wordpress.com/2017/03/22/preparation-of-anthr... Perhaps you aren't making quaaludes at home, but why should you have to prove it? It takes very little effort for me to keep my lab notebook encrypted. I see absolutely no evidence whatsoever of any amateur using a lab notebook as a defense and I see several instances where a well-meaning amateur went to prison after police read his lab notebook.




[Edited on 7-8-2017 by JJay]

j_sum1 - 6-8-2017 at 21:08

My notebook is encrypted. It's really difficult to read my handwriting. Access is limited to one person at a time and you have to be in a particular physical location to see its contents.

I think my notebook is more secure than yours will ever be, JJay.

JJay - 6-8-2017 at 21:16

Quote: Originally posted by j_sum1  
My notebook is encrypted. It's really difficult to read my handwriting. Access is limited to one person at a time and you have to be in a particular physical location to see its contents.

I think my notebook is more secure than yours will ever be, JJay.


I highly doubt that, actually, but it's hard to verify empirically.

Texium - 6-8-2017 at 22:14

Quote: Originally posted by JJay  
Quote: Originally posted by zts16  
I really don't see the point of encrypting a lab notebook unless you're doing something illegal. I mean, my blog is essentially a copy of my home chemistry lab notebook. Publicly available. Other than that I just do things the old fashioned way and write up my experiments in a physical notebook, the contents of which I'm happy to share with anyone interested.

And it's just my opinion, but I feel like if you truly have nothing to hide, JJay, your paranoia is only creating a self-fulfilling prophecy by making you look suspicious...


Your opinion is noted, but I respectfully disagree. I would suggest that this is a topic of interest to many people on this board, and it was posted in the non-chemistry section. You don't like discussion of encryption in the non-chemistry section?

Case in point. If I had done this, I would not be wanting people to casually stumble across it: https://texium.wordpress.com/2017/03/22/preparation-of-anthr... Perhaps you aren't making quaaludes at home, but why should you have to prove it? It takes very little effort for me to keep my lab notebook encrypted. I see absolutely no evidence whatsoever of any amateur using a lab notebook as a defense and I see several instances where a well-meaning amateur went to prison after police read his lab notebook.
I have no issue with sharing that I've made anthranilic acid. At the end of the post I state three purposes of benign and theoretical interest that I have in mind for it. And several instances of a "well-meaning" amateur chemist going to prison after police read his lab notebook? Sources, please...

I don't have any problem with the discussion of lab notebook encryption, I just think it's a silly idea. I agree with j_sum1: if you want it to be truly secure your best bet is to not make a digital copy at all.

Edit: Also here's a prominent example where Tdep's lab notebook served as a piece of evidence in his favor: https://www.sciencemadness.org/whisper/viewthread.php?tid=62... Though they probably would have let him off anyway, it certainly didn't hurt. That's just the first positive example that came to mind for me. I'm certain there are more.

[Edited on 8-7-2017 by zts16]

JJay - 6-8-2017 at 22:31

Sources.. oh geez... let's see here....

The most recent one I can think of was this, but I've seen several others: http://www.sciencemadness.org/talk/viewthread.php?tid=75832

In fairness, there are instances where people have shown their lab notebooks to police and had no problems afterwards, but obviously, police knowledge of his 50 prior experiments, one of which included chlorine gas, didn't help.

Oh and Tdep's experience... I did read about that, but I think they would have let him go without the notebook.




[Edited on 7-8-2017 by JJay]

JJay - 6-8-2017 at 23:01

So anyway, does anyone have a better method for encrypting their files documenting secret mad science experiment results than full drive encryption? :)

violet sin - 6-8-2017 at 23:24

I like the idea of encrypting personal information, comforting kinda like a nice snuggly blanket. Regardless of whether or not there is any monitizable or illicit information I prefer someone expend effort to read it. It took effort to write it.

That said, I'm more in favor of j_sum's method. Hand written notebooks, know locations, accountability. Almost anything electronic is guaranteed to eventually be opened, especially if you piss off the wrong people. It is more convienient to electronically save your data in my opinion. It is more secure to have a physical notebook.

Sulaiman - 6-8-2017 at 23:42

Quote: Originally posted by JJay  
What do you do to keep your lab notebook secure?


I do not like taking my laptop into my lab so I use a real paper notebook.
If you are arrested on suspicion of wrong-doing, you will probably give up your password anyway.

My lab notebook is mildly incriminating
(I've made nitrocelulose and flash powder, and distilled alcohol (though not for consumption as my religion forbids it) etc.
The buk of my experiments are what proves that I'm an amateur mad scientist - not a cook or terrorist, so I have nothing to gain by encrypting my lab notebook.

Maybe you should use alchemical symbols, or your own version, or paint a picture with all of the clues hidden within ?
OR if you think that other readers might get the wrong impression - don't put it in your regular lab notebook !

JJay - 7-8-2017 at 01:00

I think j_sum1 keeps track of grades, so he certainly has taken measures to keep students from changing them. Not to brag at all, but I had absolutely no trouble whatsoever figuring out how to break into the gradebook software in high school, and while I never did anything nefarious with that knowledge (I demonstrated it for the IT department), somehow I doubt things have changed all that much. But perhaps j_sum1 has some techniques he can share with us :)

The idea of writing in secret code is interesting, but it would have to be very easy to master or no one would bother.

(Oh and I should probably mention that some time before I started keeping my lab notebook in electronic form, my physical lab notebook was stolen with my car when a thief took it for a joyride. While I did get it back, I can only imagine what the thief must have thought if she read it. That's not exactly why I started keeping my notebook in electronic form on an encrypted drive, but it was certainly in the back of my mind.)



[Edited on 7-8-2017 by JJay]

chemplayer... - 7-8-2017 at 01:38

External HD encrypted disc + independently encrypted file containing lab notes (in excel using salted SHA hash and AES-256).

Just because you're paranoid doesn't mean they won't be out to get you at some point in the future!

JJay - 7-8-2017 at 02:42

Good ideas. It looks like LibreOffice supports Excel-compatible encryption as well. My lab notebook is just a text file, but I can definitely see some advantages to using a more advanced document format.

woelen - 7-8-2017 at 03:31

If I had to hide my labnotes from other persons, then I would quit my hobby immediately and dispose of my chemicals and equipment today.

I have a paper temporary labbook and I make notes in that if I do experiments. Every now and then, I enter the experiments in my website as text-only experiments, which everyone can view.
If I get a new chemical, I add it to the list of available chemicals, and if I do experiments, worth making notes of, the notes finally end up in the website. I keep the paper notes, but I consider them only as temporary thing and they are not ordered in some specific way (just chronological).

Have a look at this page: http://woelen.homescience.net/science/chem/exps/index_texton...

Nothing encrypted, publicly available, searchable.

This is an example of a single experiment: http://woelen.homescience.net/science/chem/exps/expshow.cgi?...

[Edited on 7-8-17 by woelen]

JJay - 7-8-2017 at 03:36

My major concern was that I didn't want a guest reading about a synthesis of chloroform. There's nothing really wrong with making chloroform, but it does carry a stigma among non-chemists.

j_sum1 - 7-8-2017 at 04:46

This topic seems to have touched a nerve.

My initial comment was mostly in jest -- it does take some skill to decipher my scrawlings. You would need to be fairly motivated to read some pages. I guess there are two issues being discussed here: (a) Do you encrypt personal information and if so how? (b) Is a lab notebook something that should be encrypted?

On the first topic...
Yes there are occasions where stuff should be encrypted. And it does not have to be because you feel you have something to hide. Keeping away prying eyes is a way of keeping yourself safe and gives you liberty to express yourself as you see fit without having to concern yourself with how that information might be misused. Taking steps to ensure privacy does not imply nefarious intent.
As for method...
I am sure that there are multiple ways to encrypt data. It can't be that hard to find a method that meets your security requirements. There is added security if no one knows the method that you have used.
That said, security of files is not the totality of data security. You can have multiple layer 256 bit encryption with a high entropy 64 character password and still be vulnerable to a keylogger or someone standing over your shoulder.
Good practice in this area is part and parcel of the modern age.


The better question is whether a lab notebook should be encrypted. I think a lot comes down to the reasons for keeping a lab book in the first place.
In my situation it is 95% for my own benefit -- to keep a record of what I am doing, what my results were and so forth. There really is not anyone in my vicinity who has (a) the desire to read it or (b) the ability to understand what it means. So the whole issue of privacy is pretty much moot. I could leave it on the coffee table and it would not make a shred of difference.
The other 5% of the reason comes down to the issue of justifying myself or explaining my actions if I ever should need to. I have twice been visited by police to check out my lab. The fact that I have an open lab journal speaks volumes about my intentions and activities. That is my security. And should I ever have to defend myself in court then the journal attests to my innocence. A paper journal is an advantage here since there is no way that it can be altered or redacted. Dated, sequential pages with different pens and used and the occasional spill cannot be fabricated in the same way that a digital file can. Of course a court would need a good reason to subpoena it -- as they would a digital journal. And of course under those circumstances the courts do have the authority to demand decryption under penalty of contempt of court. So all that technical jiggery-pokery may be to no avail anyway.
Another plus for the paper document is that I can draw diagrams. Also when I am visited by police I can get them to sign and date the book. I have done this and have also pasted the officer's business card on the page. The less I look like a meth lab the better.

The only good reason I can see for going digital is the ability to include digital photos and video in my journal. At the moment I simply annotate a reference to information stored in other forms. I cannot see a good reason for me to encrypt. And if I did it would not be any more sophisticated than a password protected zip file. No one else can access the data on my laptop as it is and I see little need to go to extraordinary lengths.

[Edited on 7-8-2017 by j_sum1]

JJay - 7-8-2017 at 06:20

In the U.S., the constitution says that they would not be permitted to hold me in contempt of court for denying them access to my drive. That's not to say that under some circumstance that isn't that far-fetched that some corrupt or incompetent, low-level judge wouldn't try, necessarily, but that wouldn't go over well for the judge, and most judges aren't actually that bad.

Some European countries require encryption key disclosure and some do not. I'm pretty sure that in his country, woelen cannot be compelled to give up encryption keys for his own documents. In Australia, you can be punished for up to two years for failure to disclose an encryption key under court order. In the U.K., whether you can be compelled to give up an encryption key depends on the nature of the crime that is charged.

I'm not quite sure how to interpret the laws on encryption key disclosure in Canada.

To me, it's not a question of whether I should encrypt my lab notebook. I've been encrypting my lab notebook for months. I have the right to do it, and I don't have to justify it to anyone.

j_sum1 - 7-8-2017 at 07:53

Quote: Originally posted by JJay  
To me, it's not a question of whether I should encrypt my lab notebook. I've been encrypting my lab notebook for months. I have the right to do it, and I don't have to justify it to anyone.

Sure you don't.
But really, what is the purpose? You could equally well have an unencrypted notebook and choose not to show anyone.

My angle is that encryption goes against the spirit of why I keep a notebook in the first place. In my situation I cannot see any real upside to encryption and I do see some potential downsides. Not the least of these is what people may infer (rightly or wrongly) by my being secretive. There are other negatives as well. Some are safety related.


I am not attempting to change your mind. (I doubt I could.) IMO it is just not the wisest course of action. You can "keep it secret, keep it safe" without appearing like you are hiding something. From a practical standpoint, how likely is it that someone is going to be trawling through your hard drive without your consent anyway?

karlos³ - 7-8-2017 at 08:52

I´ll keep my handwriting as encryption, works like a charm!
Always had a worse handwriting ever, now I made it deliberately worse over the decades, to the point of having trouble deciphering things twelve years ago :P

JJay - 7-8-2017 at 10:06

I had the box with the encrypted drive sitting around idle for months before I started keeping my lab notebook on it. Otherwise I might have used something like a password-protected zip file. Of course password protection on a zip file won't stop anyone who is really determined :)

battoussai114 - 7-8-2017 at 13:01

While encrypting your notebook will do little more than give you that snuggly fell of false safety, if you're determined on doing it go with a LUKS encryption with a detached header stored in a flashdrive you keep on you most of the time... (Don't forget to cry when said drive is thrown in with the laundry and you loose your data forever).
Now, keeping an encrypted notebook and having a home lab is 158% sure to get whatever law enforcement unit that visits your place to want to come back with a warrant for that computer. Best case scenario you have to give them your keys and they'll find nothing of interest. Worst case scenario is the same except you'll be in jail due to your suspicious behavior while they do that.

Lastly, since you're nowhere as big of a deal as you imagine, I'd strongly advise you stick to security by anonymity and just leave your notes in a locked drawer if you don't want casual readers snooping in.

[Edited on 7-8-2017 by battoussai114]

JJay - 7-8-2017 at 14:15

The only real problem I see with using a flash drive is that they aren't designed to handle the sheer number of read/write cycles required for virtual memory, and you might not want to have unencrypted data in RAM swapped to an unencrypted disk. Sure, the error rate might be only 0.000000000001% after a million read/write cycles, but that is completely unacceptable for virtual memory. And while in this country people can't be compelled to give up encryption keys, it would of course be illegal everywhere to pull the drive out of the computer and smash it if under investigation.

Do you think it is hard for a forensic technician to look through your virtual memory after your computer is powered down? It's not.

battoussai114 - 7-8-2017 at 14:19

Detachable header in flashdrive =/= data in the flashdrive.

JJay - 7-8-2017 at 14:21

I'm not super familiar with LUKS, but I guess the key is stored in the header?

Edit: I'm starting to like this idea. battoussai114 is a certified genius :)



[Edited on 7-8-2017 by JJay]

Cryolite. - 7-8-2017 at 15:05

Whatever is wrong with just a lab desktop computer with an encrypted linux partition? If you are worried about law enforcement, just shut down the machine or reboot it into something innocuous.

JJay - 7-8-2017 at 15:13

It depends on what you're doing. If they're willing to spend hundreds of thousands of dollars cracking your passphrase, they can get into your partition. But getting into it without the master key stored in the LUKS header is tremendously more expensive.

Cryolite. - 7-8-2017 at 15:51

Three points: First, what sort of operation are you running if you think the government is willing to put that sort of money towards breaking into your hard drive?

Second, if you choose a sufficiently good password, I don't see how it would be possible to recover the data in a reasonable amount of time. And in the very least, the password is only in your head, while the detached luks header is on some form of digital media somewhere...

And third, this is all moot if the machine in question is powered on in any form. Recovering the data from RAM should be straightforward for law enforcement should they desire.

[Edited on 7-8-2017 by Cryolite.]

JJay - 7-8-2017 at 15:59

That's a lot of money, but it's not that much, really... if you think about it, they often spend $60,000+ housing each prison inmate per year. I'm guessing each FBI special agent costs the government $100,000+ per year. Are you doing anything that would motivate the government to have an FBI special agent track you full time for a year?

j_sum1 - 7-8-2017 at 16:16

Nope. Are you?

JJay - 7-8-2017 at 16:24

No. It would be a complete waste of their resources.

phlogiston - 8-8-2017 at 03:06

It is surprising to me that JJay should have to justify wanting to encrypt his notebook.

It is not unreasonable to assume that anything stored on a computer connected to the internet can be accessed by others.

As Snowden once said: “Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.”

We have all seen and experienced how peaceful amateur chemists doing perfectly legal things can be treated by friends, neighbours and the authorities.

Encrypting your digital labbook at least allows YOU to control who you want to share it with, and when.

[Edited on 8-8-2017 by phlogiston]

karlos³ - 8-8-2017 at 03:23

I always reply to the "I´ve got nothing to hide", with "neither have I, but I still prefer to have curtains on my windows".

JJay - 8-8-2017 at 16:46

I've received three private messages in response to this post, and I'd just like to be very clear that I don't want to receive any U2U messages containing jailhouse lawyer opinions or containing sketchy links to privacy software I've never heard of. This is not the first time I've received such communications, and I recognize their hallmarks. But perhaps the member who has been sending me these curious opinions (who has not yet posted on this thread) can just post some of them here and we can have a respectful discussion of them.



[Edited on 9-8-2017 by JJay]

j_sum1 - 8-8-2017 at 19:11

Quote: Originally posted by karlos³  
I always reply to the "I´ve got nothing to hide", with "neither have I, but I still prefer to have curtains on my windows".

Thanks for succinctly stating what I attempted to communicate here (first main point.)
The question then comesdown to what kind of curtains you need. I think a digital format requires thicker curtains than a paper format does -- for the same reason that a city apartment needs curtains more opaque than an isolated rural farmhouse.

But if we are having a discussion about kevlar-reinforced lead curtains with biometric locking mechanisms and Mission Impossible-style self destruct modes then we have possibly lost sight of what a lab journal is for. This is science after all. It is open pursuit of knowledge and not espionage.

If a neighbour or stranger is reading about my chloroform production then the question I want answered is "what the hell are they doing on my computer?" and not "how can I prevent them from reading my lab journal?"

Melgar - 21-8-2017 at 23:55

I like drawing molecule diagrams, which isn't easy to do on a computer in a way that it's encrypted very well. So I just add unreactive functional groups to my molecule diagrams if and when my reactions start entering legal grey area. Then I just learn the name of the new hypothetical molecule and refer to it as such in my notes. I've dealt with DEA and ATF chemists before. They tend to have precursor lists memorized, and have a huge blind spot when it comes to anything not on their lists. If you're being investigated by a real chemist ever, it's probably already too late for you.

[Edited on 8/22/17 by Melgar]

JJay - 22-8-2017 at 06:43

Quote: Originally posted by Melgar  
I've dealt with DEA and ATF chemists before. They tend to have precursor lists memorized, and have a huge blind spot when it comes to anything not on their lists. If you're being investigated by a real chemist ever, it's probably already too late for you.

[Edited on 8/22/17 by Melgar]


I always suspected that you worked for the feds :)

I've found that most chemists have some blind spots. Chemistry is a rather vast field. I suspect that with DEA and ATF chemists, their major concern is with the law rather than with what you might potentially be doing with some designer drugs. A chemist might suspect that I'm making amphetamines with benzyl alcohol, for example, but I couldn't be arrested for having some. But something like a description of "acetylchloroform" would still be suspicious to a casual guest, and it wouldn't really make a lot of sense in my notes anyway.

The three letter agencies would have a very hard time getting into my lab notebook but could probably crack it with sufficient resources. I would decline to voluntarily let them into it on the grounds that it is my right to do so, but in some jurisdictions they can demand to be permitted access to encrypted drives and so forth.

Melgar - 22-8-2017 at 07:13

Quote: Originally posted by JJay  
I always suspected that you worked for the feds :)

More like, idiot roommate called the fire department before he called me when he found a box from Sigma Aldrich with "Danger, explosive" written in the side. It snowballed to the point of me getting pulled out of work, having my car searched, my room ransacked, then the street I lived on closed off for most of the day. All for a hundred fucking grams of 2,4-dinitrophenol.

I was questioned by several agencies, and the ones that asked the chemistry questions were the DEA and ATF. For the record, the DEA guys were massive assholes, and the ATF guys were surprisingly pleasant. I actually kind of enjoyed talking about chemistry with the ATF guys. They asked me if I'd ever made HMTD or TATP, and I said I never had because they were too dangerous. I did admit to making small amounts of ETN and nitroglycerin years in the past, which they didn't seem too concerned about. The DEA guys on the other hand, just would not get off the topic of meth, never mind that the only similarities between meth and 2,4-DNP is that both have benzene rings and both can be used to lose weight.

The US Marshals and the FBI were dicks at first, but then were nicer once they realized I wasn't a terrorist.