Mailinglist Archive: opensuse (3605 mails)
| < Previous | Next > |
Re: [SLE] laptop security
- From: Chaitanya Chalasani <chaitanya.chalasani@xxxxxxxxx>
- Date: Sat, 17 Jun 2006 12:39:49 +0530
- Message-id: <200606171239.49723.chaitanya.chalasani@xxxxxxxxx>
On Friday 16 June 2006 21:11, Roger Oberholtzer wrote:
> I have been pondering laptop theft. Now, I know our company source code
> is of limited interest to all but a few odd companies scattered around
> the globe. But the idea of it getting away from me is not so very nice.
> A couple of us here maintain a subversion checkout on our laptops. By
> design, the laptop is complete and can be used to create the entire
> product for four or five platforms, just by a few make commands.
>
> What is the best security? What are the reasonable options? For a
> current Linux distro.
>
> I think it is a given that any Linux user security does not apply. Just
> boot Knoppix and all is revealed. The proverbial double edged sword.
>
> One could encrypt the file system. This seems a bit much. Encrypting the
> files themselves is not feasible. There are a gazillion of them. (I
> counted.) Can you encrypt an existing file system? I suspect not.
>
> One could have a BIOS password. This sounds best. But I guess these are
> easily gotten around? It sounds too simple a solution. Or one that leads
> to other odd problems.
>
> Is anyone else protecting their laptops in some
> unknown-in-these-parts-but-soon-to-replace-the-mudshark-in-your-mythology
> way?
>
> (I blame the IPOD on my desk. I listen to all sorts of odd things that I
> usually forget about at home.)
>
>
>
> --
> Roger Oberholtzer
>
> OPQ Systems AB
> Ramböll Sverige AB
> Kapellgränd 7
> P.O. Box 4205
> SE-102 65 Stockholm, Sweden
>
> Tel: Int +46 8-615 60 20
> Fax: Int +46 8-31 42 23
encfs is a good choice. I using the same for encrypting my source code under
the workspace directory. The packages and kernel modules are included in SuSE
10.1.
encfs will create a loopback encrypted file system(FUSE) in the current
non-encrypted partition where it can be mounted on a subdirectory inside your
home directory and place all your code and work copies in it. It supports
AES, blowfish upto 256 bits encryption. While mounting it asks for the
paraphrase/password and its ready to use. I don't see any performace issues.
--
CHAITANYA CHALASANI
LINUX USER #410931
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx
> I have been pondering laptop theft. Now, I know our company source code
> is of limited interest to all but a few odd companies scattered around
> the globe. But the idea of it getting away from me is not so very nice.
> A couple of us here maintain a subversion checkout on our laptops. By
> design, the laptop is complete and can be used to create the entire
> product for four or five platforms, just by a few make commands.
>
> What is the best security? What are the reasonable options? For a
> current Linux distro.
>
> I think it is a given that any Linux user security does not apply. Just
> boot Knoppix and all is revealed. The proverbial double edged sword.
>
> One could encrypt the file system. This seems a bit much. Encrypting the
> files themselves is not feasible. There are a gazillion of them. (I
> counted.) Can you encrypt an existing file system? I suspect not.
>
> One could have a BIOS password. This sounds best. But I guess these are
> easily gotten around? It sounds too simple a solution. Or one that leads
> to other odd problems.
>
> Is anyone else protecting their laptops in some
> unknown-in-these-parts-but-soon-to-replace-the-mudshark-in-your-mythology
> way?
>
> (I blame the IPOD on my desk. I listen to all sorts of odd things that I
> usually forget about at home.)
>
>
>
> --
> Roger Oberholtzer
>
> OPQ Systems AB
> Ramböll Sverige AB
> Kapellgränd 7
> P.O. Box 4205
> SE-102 65 Stockholm, Sweden
>
> Tel: Int +46 8-615 60 20
> Fax: Int +46 8-31 42 23
encfs is a good choice. I using the same for encrypting my source code under
the workspace directory. The packages and kernel modules are included in SuSE
10.1.
encfs will create a loopback encrypted file system(FUSE) in the current
non-encrypted partition where it can be mounted on a subdirectory inside your
home directory and place all your code and work copies in it. It supports
AES, blowfish upto 256 bits encryption. While mounting it asks for the
paraphrase/password and its ready to use. I don't see any performace issues.
--
CHAITANYA CHALASANI
LINUX USER #410931
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx
| < Previous | Next > |