Full disk encryption with Ubuntu

Ralf Mardorf kde.lists at yahoo.com
Sat Jan 28 07:10:34 UTC 2023


On Sat, 2023-01-28 at 16:31 +1000, Jared Norris wrote:
> hardware based

Hi,

you cannot trust a vendor's encryption.

"Crypto AG was a Swiss company specialising in communications and
information security founded by Boris Hagelin in 1952. The company was
secretly purchased for US $5.75 million and jointly owned by the
American Central Intelligence Agency (CIA) and West German Federal
Intelligence Service (BND) from 1970 until about 1993, with the CIA
continuing as sole owner until about 2018." -
https://en.wikipedia.org/wiki/Crypto_AG#Compromised_machines

> I'm leaning towards 1 to remove any possible performance impact and
> also because I have no experience of either options 2 or 3.

The only experience I've got with disk encryption is, that I couldn't
access an encrypted Ubuntu by another Linux, such as a rescue CD.

Sensitive data belongs on a computer that is locked in a safe and has no
access to the outside world. If a storage medium of this computer
breaks, it must be blown up.

Regards,
Ralf



More information about the ubuntu-users mailing list