If you want to generate a custom Debian live CD, including only the tools you want (and maybe additional tools you don't find in other live CDs) there's a really simple solution: live-helper.
Creating a basic bootable Debian live CD ISO image in the current directory is as simple as:
$ lh_config $ lh_build
That's it. The result will be a file called binary.iso, which you can either burn on a CD-ROM via
$ wodim binary.iso
or test in QEMU using a command line like this:
$ qemu -boot d -cdrom binary.iso
Of course there are many possibilities to customize the generated image to your likings, see the documentation in the Debian wiki, or the lh_config/lh_build manpages.
Please note that live-helper can not only generate CD ISOs, but also bootable DVDs, images for USB thumb drives, or netboot images.
There's also a nice GUI called live-magic which will make the process a bit easier if you don't like doing things on the command line.
Just in case you haven't already read about this... Some researchers from Princeton have published a paper about methods which can be used to attack full-disk-encryption (FDE) schemes.
They have demonstrated that at least BitLocker (Windows Vista), FileVault (MacOS X) and dm-crypt (Linux) are vulnerable to this type of (partly hardware-based) attack scenarios. Quite likely lots of similar other solutions are vulnerable as well.
The main problem is that (contrary to popular belief) RAM does indeed retain its data for a non-trivial amount of time after power is cut (seconds, even minutes or hours if it's cooled down enough), so you can mount some new attacks such as:
Yes, all attacks assume that the attacker has physical access to your PC/RAM, in which case you already have several other problems. Still, the new thing about this is that even full-disk-encryption doesn't help much in some cases. You probably shouldn't depend too much on it (but you shouldn't stop using disk encryption either, of course!).
Make sure to read the comments of the various articles for more scenarios and possible ideas for how to prevent such attacks. Some ideas include enabling the BIOS RAM checks (which might explicitly erase RAM contents on reboot; that doesn't help in all cases, though) or using coreboot (previously LinuxBIOS) to erase RAM contents at boot-up and/or shutdown.
It's a highly non-trivial issue, though, there's no easy and complete fix so far. The only sure way is to not have your laptop or PC stolen and to not give attackers physical access to your computers.
Since the "World's First Motherboard Using LinuxBIOS Released" hype at the beginning of this year (which was incorrect btw; it was not the first supported desktop board, there were many others before), LinuxBIOS hasn't been in the news very much. That doesn't mean that there was no progress, however. We've been working hard behind the scenes to improve the LinuxBIOS code, add support for new chipsets and boards, and advance the upcoming next-generation LinuxBIOSv3 version which will brings lots of great improvements in various areas.
Here's a random collection of stuff that happened in the last few months.
Most work will probably go into LinuxBIOSv3 in the future, in order to make it suitable for productive use.
Of course, work on new chipsets and boards will continue, too. For example the VIA CN700 chipset (plus Jetway J7F2WE board using it) is being worked on right now, probably also several others I don't know about.
If you're interesting in trying out LinuxBIOS, please check the list of supported motherboards. If your board is not listed there, but the chipset is already supported we can probably add support for your board relatively easy with some testing help from you.
An (incomplete) list of good candidate boards for future support is available in the wiki.
We're very grateful for the many contributors who have helped us with testing and fixing existing code, or who even contributed code for new chipsets and motherboards. Thanks a lot!
Many thanks especially to all hardware vendors who have been supporting us or even actively contributed by submitting code for their chipsets or boards (recently or in the past), including AMD, SiS, VIA, MSI, Tyan, Artec Group, and many others. Your efforts are very appreciated. Thanks!
Highly recommended for anybody who might be even remotely interested in LinuxBIOS:
The talk is about LinuxBIOS, its history, how it works, what the main challenges are, where it's used today and what the future will likely hold. Watch it, you won't regret it.
Linux seems to run on more and more embedded systems all over the place. Nice example I learned about recently: Linux running an ALDI "Pfandautomat" (German)... Yeah, I have no idea how to translate "Pfandautomat" (container deposit?).
There's a video (Flash) on the site. A screenshot is here.