On Fri, May 18, 2007 at 12:43:29AM -0700, Crispin Cowan wrote:
Ralf Ronneburger wrote:
Martin Konold wrote:
As soon as a 3rd party has either root or physical access to your linux machine this party will be able to gain access to all volumes which are currently in use. E.g. it is trivial as user root to obtain all access permissions of any user on the system.
That is not true for encrypted disks as long as I don't enter the key (and the one who gained root-access has a keylogger installed). The data should be safe at least until then. Otherwise encryption would be senseless - you can get root on every machine with a boot-CD in minutes.
Encryption *is* senseless for anything but a mobile device like a laptop or a PDA.
I don't agree with this general statement. The basic paradoxon here is that data should be secure AND usable. Encryption is of course no solution to this but it is still useful. Data that is being accessed can't be secured by encryption, because encryption does not provide a rights management. But encryption can secure data that is not (currently) accessed. For example, encrypted filesystems are almost always useful to prevent data leakage from abandoned hardware (think of all the harddisks sold on ebay). Also any file encrypted by a user improves the security by reducing the time the data is accessible and subject to attacks. No doubt, there are many pitfalls that render the usage of encryption useless, eg. storing a key unprotected or on the same system, choose trivial passwords, etc. But in the end it is more simple to control access to a key than access to gigabytes of data. Michel -- Der tägliche Wahnsinn - http://www.virtualfreedom.de/dtw/ "Rasse" war der Irrglaube des 20. Jahrhunderts, "Sicherheit" ist der des 21.