On 20/04/17 01:40 PM, Carlos E. R. wrote:
On 2017-04-20 15:44, Anton Aylward wrote:
However, as I've discussed before, what is it you want to focus on when encrypting, code or data? In a perfect world you'd have unlimited (portable) storage that doesn't degrade in speed with decryption. In reality ... what? Maybe you think that LUKS/FUSE is enough.
Data, but there is sensitive data spread on several directories. WiFi passwords somewhere on /etc, logs on /var, temporary files in /tmp, and others I forget. So the answer, for a laptop, is "all".
Don't forget SWAP! This is why I don't think simply encrypting partitions or files or directories is enough in this sort of context. You need an encrypted DISK. You need a HARDWARE ENCRYPTED DISK !!!
I don't care if it can be broken. The average burglar will not know how. If they want read the disk, they will have to sweat.
Once again I refer to the story about the the data thief that stole the laptop while it was active, while the owner was logged in and the encrypted volumes visible in the clear. Potable devices are not secure, or perhaps that should be phrased "they are not securable enough". -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org