Re: root fs/crypted
On Tue, 29 May 2001 email@example.com wrote:
> I see it as more than this. I see it as ensuring that the data on the disk does
> not get accessed by anyone never intended to see it. (physically, of course).
> I guess this would mostly be cool for thwarting things like police raids,
Although in some countries (eg Britain) you can be required by law to
disclose the decryption keys, and imprisoned if you fail to do so. The
only way around this is to use a steganographic approach where, in the
absence of the passphrase for a given set of data, it is impossible even
to prove its existence.
(I have in the past used StegFS, although it didn't seem stable enough for
critical use, and it doesn't work on 2.4 kernels yet. However, it seemed a
very promising concept.)
> servers vulnerable in remote locations (e.g. colocation, etc). My opinion is,
> with privacy, you can never have too much.
Very true, although a *false* sense of privacy can of course be worse than
none at all -- so it is important that any such system is implemented with
a lot of forethought.
Just my 2p worth...