
Re: Encrypt file while you are using it



On Monday, 2008-11-24 at 16:12:56 +0100, Manuel Gomez wrote:
> Hi, I would like to keep an archive encrypted at all times, so I
> would like to know what software can do this.

> Now I am using Truecrypt, but when I mount the encrypted directory it's
> vulnerable. I want to mount the file and have the file remain
> encrypted.

Whenever you are able to read a file, it has to exist in unencrypted
form. Let's say you have an editor or viewer that has built-in
decryption. It will read the encrypted file, and decrypt it. To be able
to work on it, the program has to keep the decrypted form. It also
has to send it to some device for you to be able to work on it. The
decrypted form will be readable from /dev/mem or /proc/<pid>/mem by
the superuser and (procfs only) your user. It will also be possible
for at least the superuser to intercept what is going to the device.
There is nothing you can do to prevent these kinds of attacks.

So, storing your files in an encrypted filesystem with permissions set
so that only your user (and the superuser) can read the files is no less
secure than storing the files individually encrypted.

HTH,
Lupe Christoph
-- 
| There is no substitute for bad design except worse design.             |
| /me                                                                    |
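
Added example, not part of the original message: a Linux-only Python sketch of the point above, in which a process decrypts a file into a working buffer and the plaintext is then read back through /proc/<pid>/mem by the same user. The XOR routine is a toy stand-in for real file encryption, and the key, the sample content and all function names are constructed for illustration.

```python
import ctypes
import os

KEY = b"demo-key"                      # constructed key, toy cipher only
SECRET = b"salary table: alice=5200"   # constructed sample file content


def xor(data, key):
    """Toy XOR cipher standing in for real file encryption (assumption)."""
    return bytearray(b ^ key[i % len(key)] for i, b in enumerate(data))


def buffer_address(buf):
    """Virtual address of a bytearray's storage inside this process."""
    view = (ctypes.c_char * len(buf)).from_buffer(buf)
    return ctypes.addressof(view)


def read_proc_mem(pid, address, length):
    """Read process memory through procfs, as the owning user or root can."""
    with open(f"/proc/{pid}/mem", "rb", buffering=0) as mem:
        mem.seek(address)
        return mem.read(length)


def demo():
    ciphertext = bytes(xor(SECRET, KEY))   # what is stored on disk
    working = xor(ciphertext, KEY)         # what the "viewer" holds while in use
    addr = buffer_address(working)
    pid = os.getpid()
    seen_in_use = read_proc_mem(pid, addr, len(working))
    # Overwrite the live buffer once the work is done. This clears this
    # buffer only; copies made elsewhere during decryption may remain.
    for i in range(len(working)):
        working[i] = 0
    seen_after_wipe = read_proc_mem(pid, addr, len(working))
    return ciphertext, seen_in_use, seen_after_wipe


if __name__ == "__main__":
    ct, in_use, wiped = demo()
    print("on disk       :", ct.hex())
    print("via /proc/mem :", in_use)
    print("after wipe    :", wiped)
```

The stored bytes never contain the plaintext, yet the procfs read returns it for as long as the program keeps the decrypted buffer, which is the whole time the file is being worked on.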

