On Mon, Jan 4, 2010 at 6:06 AM, Patrick Freundt <patrick.freu...@googlemail.com> wrote: > On Mon, Jan 4, 2010 at 12:43 PM, Martin Pitt <martin.p...@ubuntu.com> wrote: > >> > This is clearly insecure. > >> Not really: > > Yes. > > And I would hope for a wiki article that explains how encrypted > filesystems protect you from these risks, instead of attempting to > argue whether these risks exist.
Such articles abound. One such article discussing in great detail how you might encrypt your home directory in Ubuntu is here: * http://www.linux-mag.com/cache/7568/1.html Beyond this, you can use the Server or the Alternate installer to encrypt your entire drive using LVM. * https://help.ubuntu.com/community/EncryptedFilesystemLVMHowto And I agree with the security team's assessment -- if an attacker has physical access to your hard drive, encryption is your only real protection. Adding a password to Grub/Grub2 simply means that the attacker needs to have a screwdriver at their disposal. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
