On 01/31/2012 01:10 PM, zep wrote:
On 1/30/2012 7:44 PM, Basil Chupin wrote:
When I installed 12.1 I encrypted (for the first time) my HOME directory.
Last night, in anticipation of installing KDE 4.8, I did a backup of my /home to an external HDD.
Then the thought occurred to me - which is as a result of a court case in USA where the judge ruled that the Fifth Amendment did not apply where the woman refused to divulge the passphrase to her encrypted system and she had to type in the passphrase to make the contents of the HDD available to the DoJ - is my encrypted data now readable on the external HDD?
The answer is YES. I attached the external to another computer and am able to read all the files in that backup.
perhaps it's a good time for the very paranoid to switch to hidden encrypted partitions with truecrypt (www.truecrypt.org).
the basic premise is there are 2 separate, mountable partitions within an single encrypted file. password A opens and allows partition A to be mounted, password B opens and allows a smaller subset partition to be mounted, giving plausible deniability if forced to divulge a password.
But still, you have to think along the lines of: I am encrypting a disk, or a partition. Files while they are on that disk or partition are encrypted. If you copy them somewhere else (to a disk or partition that is not encrypted), then they're not going to be encrypted on that device. The story is different if you specifically encrypt a file with GPG (or whatever) then copy that encrypted file elsewhere. This is an important difference between block-level and file-level operations. BTW, http://en.wikipedia.org/wiki/Key_disclosure_law is worth a read. Regards, Tim -- Tim Serong Senior Clustering Engineer SUSE tserong@suse.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org