On 11/08/2014 11:35 AM, Anton Aylward wrote:
An encrypted FS or data store that is available in the clear while the system is booted anyway makes no sense to me. It only makes sense if the machine itself is physically insecure, that the drive could be stolen. And not really even then; if the machine is physically insecure the whole thing could be stolen, and booted, or the data extracted while the machine was running, or, given physical access, a keystroke recorder could be plugged in.
A few years ago, I set up ThinkPads for a pharmaceutical company. The drives were encrypted and could only be accessed after the password was entered. No password, no data. Even if someone "borrowed" a computer, they couldn't read anything without the password. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org