Harddisk Encryption

Jeremy Schoenhaar jeremy at fam-schoenhaar.de
Mon Nov 27 10:47:57 GMT 2006


On Sunday, 26.11.2006, at 11:34 -0400, Anderson Lizardo wrote:
> On 11/26/06, Jeremy Schoenhaar <jeremy at fam-schoenhaar.de> wrote:
> > I overlooked that part about the root partition. As sensitive data does
> > NOT belong on / that would be a waste of energy in my opinion. /home,
> > SWAP, /tmp, and other partitions on the other hand would be a big +
> 
> Also don't forget about /var/mail/, /var/spool/cups (in case you have
> some sensitive document waiting for printing), /var/log/ (if e.g. you
> allow sudo to log all commands run with sudo), /etc/ (Postfix SASL
> passwords, /etc/shadow) etc.
> 
> My point is: in practice, you have no (easy) way to guarantee that any
> program will not write sensitive data to an unencrypted partition. If
> that happens, even for a small time, sensitive data will be left on
> the hard-disk ("rm" does not physically remove file contents from the
> disk, just its entry from the directory) and can be recovered by
> grepping /dev/hd* or by using debugfs.
> 
> My suggestion would be to provide the two options (encrypt entire
> disk, except for /boot; and encrypt only user-defined partitions), and
> warn the user about the issues of encrypting only some partitions
> (less secure) or the entire disk (performance).
> 
> I've been using an entirely encrypted harddisk on my laptop (except
> for /boot, so GRUB can read the kernel images and menu.lst) for many
> months now, and what I can say is that it's still very responsive.
> 
> Just my $0.02. Regards,
> -- 
> Anderson Lizardo

That is of course a very good point. Perhaps a checkbox with the word
Encrypt|_| next to every partition except /boot would be the solution.
(Although I hardly trust your average Joe to know what the consequences
would be)

Jeremy Schoenhaar

PS: Checkbox was meant for gtk/fb installer, no ncurses. And I still have
to get to looking at the actual code
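
An added example, not part of either message or of any installer code: a small audit of the partial-encryption layout discussed above, reporting which of the directories named in the thread still resolve to an unencrypted filesystem. The mount table, device names and the set of encrypted devices are constructed sample data; swap is not covered.

```python
import posixpath

# Directories the thread names as places where sensitive data can land.
SENSITIVE_PATHS = ["/home", "/tmp", "/var/mail", "/var/spool/cups",
                   "/var/log", "/etc"]

# Constructed sample in /proc/mounts layout: device, mount point, type, ...
SAMPLE_MOUNTS = """\
/dev/hda1 /boot ext3 rw 0 0
/dev/hda2 / ext3 rw 0 0
/dev/mapper/crypt-home /home ext3 rw 0 0
/dev/mapper/crypt-tmp /tmp ext3 rw 0 0
"""

# Constructed: devices assumed to be encrypted mappings on this sample host.
SAMPLE_CRYPT_DEVICES = {"/dev/mapper/crypt-home", "/dev/mapper/crypt-tmp"}


def parse_mounts(text):
    """Return {mount_point: device}; later entries shadow earlier ones."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and not line.startswith("#"):
            mounts[fields[1]] = fields[0]
    return mounts


def backing_mount(path, mounts):
    """Walk up from path to the nearest ancestor that is a mount point."""
    path = posixpath.normpath(path)
    while path not in mounts:
        if path == "/":
            return None
        path = posixpath.dirname(path)
    return path


def audit(paths, mounts, crypt_devices):
    """Return {path: (mount_point, device)} for paths on unencrypted devices."""
    exposed = {}
    for path in paths:
        mount_point = backing_mount(path, mounts)
        device = mounts.get(mount_point)
        if device not in crypt_devices:
            exposed[path] = (mount_point, device)
    return exposed


if __name__ == "__main__":
    result = audit(SENSITIVE_PATHS, parse_mounts(SAMPLE_MOUNTS), SAMPLE_CRYPT_DEVICES)
    for path, (mount_point, device) in sorted(result.items()):
        print(f"{path}: on {mount_point} ({device}), not encrypted")
```

With only /home and /tmp encrypted, every /var and /etc path in the list falls through to the unencrypted root filesystem.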




More information about the ubuntu-devel mailing list