Encrypted filesystems
David Kramer
david at thekramers.net
Mon Apr 25 13:25:18 EDT 2005
On Mon, 25 Apr 2005, Kent Borg wrote:
> > I'm looking into this for two reasons. I would like to have
> > encrypted content on my server,
>
> Why? If you want to protect against someone with physical or root
> access to your server, an encrypted partition will help you the first
> time the bad guy gets in, but if the bad guy starts logging what you
> do s/he can get your passphrase the next time you type it. Or access
> your data next time you mount it.
>
> > and I would like to have encrypted content on my USB pen drive
> > (Sandisk 1GB).
>
> Handy if you only type your passphrase on a keyboard and computer you
> trust isn't spying on you.
OK, let me state how this all started, and them my constraints and desires
will hopefully became clearer.
On another mailing list I am on (as are some other BLU members), a case
was described where a *REALLY* *STUPID* person brought a corrupted hard
drive in to a data recovery shop, who did their job well enough to find
many, many, carefully organized and categorized, kiddie porn pictures.
That person is now in deep Kimchi.
Before we go any further, I do NOT have any kiddie porn anywhere in my
house, on my server, or even in my brain.
But I do have data that I would rather not be posted on a billboard. Not
illegal, just private. I would like to keep some of that kind of
information encrypted on my server, and I would like to walk around with
some of it on my thumb drive. I am not worried so much about keyboard
sniffers, etc., though there is a chance if I use my "encrypting a
filesystem" method, that I could leave the unencrypted version around by
accident at a bad time..
I have no expectations of standing up to authorities and refusing to
decrypt this data, even if the law allows, because I can't see a good
outcome from doing so whatever the law says. It would be nice if it
required some cooperation on my part, though.
> -kb, the Kent who can frequently point out the dark side.
It takes one to know one.
---------------------------------------------------------------------------
DDDD My 1983 Plymouth Voyager used to run on for five minutes or so after
DK KD shutoff on anything lower than 89 octane.
DKK D This was a misinterpreted signal on my part. I thought that the car
DK KD was asking for higher-octane gas. It was really asking to be
DDDD pushed off a cliff into an abandoned quarry. - Todd Finney
More information about the Discuss
mailing list