Slashdot Mirror

← Back to Stories (view on slashdot.org)

Seeking Current Info on Linux Encrypted FS?

Posted by Cliff on from the protecting-your-personal-data dept.

slick_rick asks: "I'm looking for info on encrypted file systems under Linux to help my employers company move away from Microsoft centric solutions. However the latest HOWTO is two years old, the latest kernel patch dates back to April (and 2.4.3) and even the Sourceforge project has nearly zero documentation and appears to be very dead. Are slashdotters using encrypted file systems? If so, what are your experiences?" We last talked about this topic, just over a year ago, in this article.

5 of 297 comments (clear)

  1. Maybe for you.... by coyote-san · · Score: 5, Interesting

    Maybe you need deniability, but out here in the real world a lot of people should be using encrypted file systems just to ensure that sensitive or confidential information is not exposed to others if the disk is stolen, the cleaning people are bored, etc.

    Personally, I don't want my doctor to have deniability about his records regarding me. Or my lawyer. Or my accountant. And most especially not my banker, financial adviser, etc.

    In fact, for these people deniability makes a solution look much less attractive. People get *really* nervous when their accountant or lawyer has strong deniability about what the advice they gave you, about where your money went, etc.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
  2. Re:SuSE does this out of the box... by pwagland · · Score: 5, Interesting
    Indeed the patch is available.

    Also, you can get all of the patches that SuSE use on their kernel, not only this one. Please note that this link is

    1. A mirror of the official SuSE site, and
    2. The SuSE development kernel. I.e. this kernel is not guaranteed for production use!
    3. The production kernel source is here.
  3. Re:It's Really Pretty Trivial by Anonymous Coward · · Score: 3, Interesting
    You were doing a stellar job there until the uncalled for jabs at the end of that post. Maybe there are other slashdot readers out there that are interested in having an encrypted file system?

    Maybe having an encrypted file system could be part of the install process for upcoming Linux distributions - an easy to use system for encryption in the partitioning stage of the install. Couple that with a runtime tool that can create encrypted partitions after the install, and you immediately have another big plus point over Windows, especially for people in government who have a habit of leaving laptops with top secret material on in taxi cabs.

    In other news, the UK government is going to buy 500,000 copies of Windows XP. As a taxpayer, I disagree with this use of my tax money, and with the close relationship that the current government has with Microsoft. I feel that the best solution for the taxpayers is not being researched in the name of PR and photo opportunities for government ministers. And why does the government need to upgrade their computer system to Windows XP? What is wrong with 2000 - a proven OS now, not a just released one...

  4. Re:It's Really Pretty Trivial by dman123 · · Score: 3, Interesting
    Although I will not be verifying your implementation, your post is well written and seems very informative. Why did you go and blow it at the end??

    I constantly have to defend myself against being called part of a cult that is "drinking the Kool-Aid" and this type of attitude does not help. I am proud to be a geek/nerd, but the moment anyone thinks of me as arrogant or haughty, I feel bad.

    --

    --
    dman123 forever!
    Filtering out the -1s and 0s since 1999.
  5. Lame, Windows XP implementation by Zeinfeld · · Score: 4, Interesting
    So I happily install XP Professional because it has the ability to use encrypted file stores. This would be just the thing to carry files from one machine to another on a 128Mb Compact flash or so.

    Bzztt... wrong...

    Turns out that NTFS cannot be used on removable disks, even though the NTFS semantics are better suited (think what happens when a disk is unmounted unexpectedly.

    The main reason I use an encrypted disk is that I have a lot of client sensitive info on my machine, including high level strategic plans for a Nasdaq 100 company.

    Encrypted disks should be used as a matter of course on machines used by lawyers, doctors, accountants, anyone with a professional confidentiality duty. Laptops get stolen, machines get sold with confidential information still on the drives.

    I am more skeptical about the need for encrypting file systems for geeks, after all most sysops would do better to keep less secrets rather than more.

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/