[TriLUG] best way to hack root...

Cristóbal Palmer cristobalpalmer at gmail.com
Thu Feb 21 16:53:17 EST 2013


On Thursday, February 21, 2013 at 4:20 PM, Robert Dale wrote:
> Or run an encrypted filesystem.

If you're the sort of person who manages to lose passwords[0], I can't really recommend that you start your escalation of security by doing whole disk encryption. That's a great way to lose not only your password but also your pictures, videos, documents….

And if you run careful backups, you're either adding more encryption keys to keep track of or you're right back where you were in the first place in terms of physical security.

Don't get me wrong -- encrypted filesystems have their legitimate place[1] and are great, but the home user worried about other people snooping probably isn't a good use case. Furthermore, are you actually sure that your full disk encryption (as you are using it) is secure[2] and accomplishing what you think it is?

Please don't let me talk you out of using full disk encryption. I do use it in several places on several Operating Systems. I'm just saying you should know what you're in for.

Cheers,
--
Cristóbal Palmer
cmpalmer.org


[0] ie. more or less any human who has not been motivated/trained to follow processes such as writing them down on paper and depositing that paper at the bank or with a lawyer.

[1] eg. HIPAA/FERPA data at rest, confidential business documents on a laptop that will leave the grounds, etc. etc.

[2] https://www.youtube.com/watch?v=EX1gOWcttx8 



More information about the TriLUG mailing list