Encryption options and suggestions or installed Dapper

[Robert Brockway]

On Fri, 7 Dec 2007, Ralph Pichie wrote:

> I have an updated installation of Dapper on an Acer notebook that I 
> occasionally use for contract work. I want to encrypt at least part of 
> the data on it, and likely also a couple of USB thumb drives, possibly 
> an ext3 partition on an external hard drive as well. Note: I am NOT 
> interested in doing a fresh install at this time.
>
> What have the experiences been with encryption? Any recommendations?

Hi Ralph.  I hear a lot of people express an interest in encrypting data 
these days.  Please consider the ramifications.  I believe a lot of people 
are using encryption without really understanding the potential problems.

If you lose the private key or forget the passphrase the data on that 
device is unrecoverable.  For safety you'll want to engage in "key 
escrow", which means finding a secure location for the private key.  If 
the private key is kept in a location which is not particularly secure 
then neither is your encryption.

If you have backups of the data will you encrypt those?  If you encrypt 
the main data source and the backups and lose the private key the data is 
gone (maybe someone can recover it in 80 or 100 years).  If you don't 
encrypt the backups then you'll want a very secure location to hold them. 
The data is only as secure as the least secure copy.

Cheers,

Rob

-- 
"With sufficient thrust, pigs fly just fine..."
 	-- RFC 1925 "The Twelve Networking Truths"