Jeff Soules wrote: ... > >> The most intrusive attacks, where an attacker has complete control of >> the user's machine (and can therefor modify EncFS, or FUSE, or the >> kernel itself) are not guarded against. Do not assume that encrypted >> files will protect your sensitive data if you enter your password into a >> compromised computer. ... > > Seems to me that the man page is talking about two situations: > > #1. Someone has rooted your box. In this case, your encryption can be > bypassed, because unless your secret passphrase is actually an entire > RSA key, the password is just a gatekeeper and everything needed to > decrypt the fs is on the box. A (sufficiently clever) attacker with > root (and enough time) could modify the EncFS program itself to bypass > the password check and just decrypt your files.
The password should be used to _encrypt_ the encryption key. Then you're not vulnerable to bypassing of a password check. But, as you said, if the machine is compromised, then once you enter the password, the data can be decrypted. Daniel -- (Plain text sometimes corrupted to HTML "courtesy" of Microsoft Exchange.) [F]
