[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Some legal trouble with TOR in France
---- Original message ----
>Date: Mon, 15 May 2006 18:52:38 +1000
>From: glymr <glymr_darkmoon@xxxxxxx>
>Subject: Re: Some legal trouble with TOR in France
>-----BEGIN PGP SIGNED MESSAGE-----
>Matej Kovacic wrote:
>> this could also be a good idea:
>> encryption of harddrives from the scratch.
>> However, I would create a small partition where there will be keys
>> (files) for decryptig root and home partitions. This small partition
>> would be encrypted by passphrase. That means you can easily (well...
>> :-//) change your passphrase for the system (just re-encrypt this small
>> partition with keyfiles againg).
i am to understand that it's a bit of a mess to have the root partition of any
*nix machine encrypted. netbsd's cgd is pretty solid, provided one only puts
sensitive data on it post cgd setup. cgd only works for non-root partitions.
>> The only critical software part is then /boot partition. But you can
>> always fill the /boot up to 100% with random data and run Tripwire
>> integrity checking on it. If it is full, it is hard to write additional
>> code on it. And if you do integrity checking, you can easily discover if
>> something changed.
>> I am planning to write a small setup guide for cryptsetup on Dapper
>> version of Ubuntu Linux.
>> bye, Matej
>ever heard of cryptfs_luks?