[ubuntu-uk] System Security (Was Re: Password recovery)
Matthew Macdonald-Wallace
matthew at truthisfreedom.org.uk
Mon Jul 7 06:36:52 BST 2008
Tony,
Quoting Tony Arnold <tony.arnold at manchester.ac.uk>:
> Alternatively, encrypt your file systems and disks! Any would be hacker
> would then need the encryption key before doing any of the above!
>
> (Well, she could format the disks, but would not get any information
> from them. You need backups for that. In fact unencrypted backups kept
> in a locked safe preferably is a must for encrypted systems; in case you
> lose the key!)
LOL, this is my biggest fear - forgetting the key to an encrypted
file/disk. I forgot one the other day for some of my personal
information encrypted using bcrypt - I had to ring my InLaws and as
them to post my backup disks back to me!
The system's I've encountered are usually based on the "security
through obscurity" principle - one of them had /boot as a standard
ext3 partition, then /root was mounted via LVM, /var and /tmp via
software-RAID, /home was a software-RAID/LVM combo and the whole lot
was run ontop of hardware-RAID.
It took me nearly an hour to figure that one out and mount all the
disks - if it had been a disaster-recovery situation, I pity the poor
sod that would have to restore that one! :o)
>> Hope I've not given anyone nightmares,
>
> It's OK, I'm paid to have nightmare about this stuff!
LOL, and me - that's why I love my job! :o)
Cheers,
M.
--
Matthew Macdonald-Wallace
matthew at truthisfreedom.org.uk
http://www.truthisfreedom.org.uk/
More information about the ubuntu-uk
mailing list