Full disk encryption makes the system unnecessarily slow, especially if applied to swap space.
Not necessarily so. A lot of people make a big deal out of a couple of papers published on how much whole-disk encryption slows down OpenBSD, but the flip side to that is the file and network systems of OpenBSD are not as efficient as those of many other OSes. If you've done your own empirical tests with your own OS and discovered it's too slow, then by all means, it's too slow. Otherwise, you may wish to do some empirical tests.
Certainly. But unless the intruder is a root-kit,
If the attacker has access to your hardware, then you're out of luck, the game is over. The only systems I can think of which may (may!) be exceptions to this are certain esoteric systems designed to reach the highest levels of Common Criteria evaluation, where classified and non- classified data operate on entirely different CPUs, entirely different RAM, etc., etc., with an information diode to control how information flows between them.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
