Re: Linux disk partition encryption

To: debian-user@lists.debian.org
Subject: Re: Linux disk partition encryption
From: Eduardo M KALINOWSKI <eduardo@kalinowski.com.br>
Date: Thu, 27 Jan 2011 09:27:51 -0200
Message-id: <[🔎] 20110127092751.4925343au6hfqz0g@mail.kalinowski.com.br>
In-reply-to: <[🔎] AANLkTinoFcWvLvy1yn4JdxTJvuYNhVOp4zysy6n74Yc-@mail.gmail.com>
References: <[🔎] ihobsl$pt9$1@dough.gmane.org> <[🔎] 20110126092929.adc7f6c8.celejar@gmail.com> <[🔎] AANLkTikyHiEaTunK3qEFzG=eGVinNBuGxNBWp1r8_e5L@mail.gmail.com> <[🔎] 20110126160149.39fd71f2.celejar@gmail.com> <[🔎] AANLkTinoFcWvLvy1yn4JdxTJvuYNhVOp4zysy6n74Yc-@mail.gmail.com>

On Qua, 26 Jan 2011, Brad Alexander wrote:

Because if your laptop gets stolen, the odds are that they will not
get the USB drive. Thus, it is another layer of security. Plus, if
they have /boot, they will be prompted for the passphrase, which means
they can brute force it.

Only if the user is using a dumb passphrase like "password" or"123456". Or if the attacker can wait years (or decades) for the data.

Moreover, if the user wants the data (which is not so common, butcould happen), not having a /boot does not prevent brute forceattacks. One just needs to remove the hard drive and try to mount inanother system, and they'll get the same passphrase prompt.



--
Tempt me with a spoon!

Eduardo M KALINOWSKI
eduardo@kalinowski.com.br

Reply to:

References:
- Linux disk partition encryption
  - From: T o n g <mlist4suntong@yahoo.com>
- Re: Linux disk partition encryption
  - From: Celejar <celejar@gmail.com>
- Re: Linux disk partition encryption
  - From: Brad Alexander <storm16@gmail.com>
- Re: Linux disk partition encryption
  - From: Celejar <celejar@gmail.com>
- Re: Linux disk partition encryption
  - From: Brad Alexander <storm16@gmail.com>

Prev by Date: Re: How to start gdm by default
Next by Date: Re: help
Previous by thread: Re: Linux disk partition encryption
Next by thread: Re: Linux disk partition encryption
Index(es):
- Date
- Thread