On Thu, 27 Jan 2011 15:25:40 + (UTC)
T o n g wrote:
> On Thu, 27 Jan 2011 09:02:52 -0500, Celejar wrote:
>
> >> Further, does disk encryption access the partition directly? I mean,
> >> does the 'cryptsetup luksFormat /dev/sdxn' care what type of partition
> >> (ext2/3, fat, etc) /dev/sdxn i
On Thu, 27 Jan 2011 16:40:39 +0100, Erwan David wrote:
> CBC would be a very bad idea for random access and modification.
I thought so.
Thanks for the confirmation.
--
Tong (remove underscore(s) to reply)
http://xpt.sourceforge.net/techdocs/
http://xpt.sourceforge.net/tools/
--
To UNSU
On Thu, Jan 27, 2011 at 03:06:39PM CET, Eduardo M KALINOWSKI
said:
> On Qui, 27 Jan 2011, Celejar wrote:
> >>Now another question, which nobody seems to have noticed/mentioned.
> >>
> >>Since CBC encryption is a "recursive algorithm, the encryption of the n-th
> >>block requires the encryption of
On Thu, 27 Jan 2011 12:06:39 -0200
Eduardo M KALINOWSKI wrote:
> On Qui, 27 Jan 2011, Celejar wrote:
> >> Now another question, which nobody seems to have noticed/mentioned.
> >>
> >> Since CBC encryption is a "recursive algorithm, the encryption of the n-th
> >> block requires the encryption of
On Qui, 27 Jan 2011, Celejar wrote:
Now another question, which nobody seems to have noticed/mentioned.
Since CBC encryption is a "recursive algorithm, the encryption of the n-th
block requires the encryption of all preceding blocks, 0 till n-1." [1]
Now, does it mean if my HD has a bad block in
On Thu, 27 Jan 2011 05:25:20 + (UTC)
T o n g wrote:
> Thanks everyone who commented.
>
> On Thu, 27 Jan 2011 00:07:21 +0100, tv.deb...@googlemail.com wrote:
>
> >> - First very noob question, I don't want whole disk encryption, just
> >> want to encrypt some selected already partitioned pa
Sjoerd Hardeman:
> Celejar schreef:
>>
>> Oh, basically the Evil Maid attack. Fair enough. But then you have to
>> make sure the attacker can't flash the BIOS ...
>>
> Bother to explain how it works? If you have an encrypted partition,
> no adapted kernel will ever be able to access it.
Of cour
On Thu, 27 Jan 2011 11:03:58 +0100
Sjoerd Hardeman wrote:
> Celejar schreef:
> > On Wed, 26 Jan 2011 23:24:07 +0100
> > Jochen Schulz wrote:
> >
> >> Celejar:
> >>> Brad Alexander wrote:
> >>>
> Linux admins used LUKS, and as a further step, I put /boot (the only
> partition that can
On Qua, 26 Jan 2011, Brad Alexander wrote:
Because if your laptop gets stolen, the odds are that they will not
get the USB drive. Thus, it is another layer of security. Plus, if
they have /boot, they will be prompted for the passphrase, which means
they can brute force it.
Only if the user is u
Celejar schreef:
On Wed, 26 Jan 2011 23:24:07 +0100
Jochen Schulz wrote:
Celejar:
Brad Alexander wrote:
Linux admins used LUKS, and as a further step, I put /boot (the only
partition that cannot be encrypted) on a USB stick, so that if anyone
got the laptop, they had no access to the data.
Celejar:
> Jochen Schulz wrote:
>> Celejar:
>>>
>>> Why does putting /boot on a USB stick gain you anything?
>>
>> Because an unencrypted /boot may be altered by an attacker without you
>> noticing it. Theoretically, the kernel may be replaced by another one
>> that reports your passphrase to t
>On the 26/01/2011 06:36, T o n g wrote:
> Hi,
>
> I'm thinking to do the disk partition encryptions now. However
>
> "Hard drive encryption sounds like an intimating concept, mostly because
> it is. The thought of taking your precious files, then using a
> mathematical formula to convert them
On Wed, 26 Jan 2011 23:24:07 +0100
Jochen Schulz wrote:
> Celejar:
> > Brad Alexander wrote:
> >
> >> Linux admins used LUKS, and as a further step, I put /boot (the only
> >> partition that cannot be encrypted) on a USB stick, so that if anyone
> >> got the laptop, they had no access to the da
Celejar:
> Brad Alexander wrote:
>
>> Linux admins used LUKS, and as a further step, I put /boot (the only
>> partition that cannot be encrypted) on a USB stick, so that if anyone
>> got the laptop, they had no access to the data.
>
> Why does putting /boot on a USB stick gain you anything?
Bec
On Wed, 26 Jan 2011 16:21:41 -0500
Brad Alexander wrote:
> Because if your laptop gets stolen, the odds are that they will not
> get the USB drive. Thus, it is another layer of security. Plus, if
> they have /boot, they will be prompted for the passphrase, which means
> they can brute force it. I
Because if your laptop gets stolen, the odds are that they will not
get the USB drive. Thus, it is another layer of security. Plus, if
they have /boot, they will be prompted for the passphrase, which means
they can brute force it. If /boot is missing, then all they get is a
grub message saying "Gru
[Please don't cc me on replies.]
On Wed, 26 Jan 2011 15:48:15 -0500
Brad Alexander wrote:
...
> Linux admins used LUKS, and as a further step, I put /boot (the only
> partition that cannot be encrypted) on a USB stick, so that if anyone
> got the laptop, they had no access to the data.
Why doe
On Wed, Jan 26, 2011 at 9:29 AM, Celejar wrote:
> A partition cannot be mounted; filesystems can. If the partition is
> encrypted, no filesystem will be visible. If you mean to ask whether
> someone analyzing the disk will be able to detect an encrypted
> datastore, in general the answer is pro
On Wed, 26 Jan 2011 14:13:09 -0600
green wrote:
> Hopefully your questions have been answered. I used cryptsetup and LUKS for
> 2
> partitions. I have never had exactly 0 problems with it. LUKS support for
> multiple passwords has been helpful.
I've had several problems:
http://bugs.debia
Hopefully your questions have been answered. I used cryptsetup and LUKS for 2
partitions. I have never had exactly 0 problems with it. LUKS support for
multiple passwords has been helpful.
Now I don't remember that you actually requested a HOWTO, but here it is
anyway.
It is easy, just:
1.
On Wed, 26 Jan 2011 10:26:16 +0100
Sjoerd Hardeman wrote:
...
> No, luks and dm-crypt are linux only
There's purportedly Windows support for LUKS / dm-crypt volumes with
FreeOTFE:
http://en.wikipedia.org/wiki/FreeOTFE
Celejar
--
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggr
On Wed, 26 Jan 2011 05:36:22 + (UTC)
T o n g wrote:
...
> 2. http://www.tldp.org/HOWTO/html_single/Disk-Encryption-HOWTO/
> also, Linux Encryption HOWTO
> http://encryptionhowto.sourceforge.net/Encryption-HOWTO.html
> v0.2.2, 04 October 2000
>
> Here are my questions,
>
> - First very noo
T o n g schreef:
Hi,
I'm thinking to do the disk partition encryptions now. However
"Hard drive encryption sounds like an intimating concept, mostly because
it is. The thought of taking your precious files, then using a
mathematical formula to convert them into random noise before scattering
Hi,
I'm thinking to do the disk partition encryptions now. However
"Hard drive encryption sounds like an intimating concept, mostly because
it is. The thought of taking your precious files, then using a
mathematical formula to convert them into random noise before scattering
them back across
24 matches
Mail list logo
