The EFF is requesting full disk encryption as an option on the (non-alternate) CD

James Tait james.tait at canonical.com
Wed Jan 4 15:26:19 UTC 2012


On 04/01/12 14:36, Phillip Susi wrote:
> Why bother encrypting / instead of just /home? We already have /home
> encryption, which seems to meet the needs of most people.

Well if you're going to the effort of encrypting data on-disk, it also 
makes sense to cover at least /var and /tmp as well as swap space, all 
of which potentially contain user passwords, encryption keys, temporary 
files and so on.

/etc also tends to contain potentially sensitive data and I'm not sure 
if/how one could have that as a separate partition and still have a 
bootable system - though I look forward to being educated. :)

By the time you've gone that far, and convinced yourself that nothing 
sensitive is going to end up elsewhere on your filesystem, I guess you 
may as well go the whole hog.  Any performance hit is probably 
outweighed by the privacy gains.

JT
-- 
James Tait, BSc. | https://launchpad.net/~jamestait/
Software Engineer, Canonical Online Services, Web and Mobile Team
Ubuntu - Linux for human beings | www.ubuntu.com



More information about the ubuntu-devel mailing list