James Knott wrote:
> cujo wrote:
>
>>> To guard against that put in an encrypted
>>> filesystem.
>>
>> Yeah, but... the key for decryption ? To be secure, it HAS to be
>> manually input someway at every reboot.
>
> There was an article recently, in the Linux Journal, about booting from a
> USB pen drive, to access the encrypted file system. No USB key, no
> access.
That sounds excellent, but wouldn't that get you dependent on the integrity
and existence/presence of your 'USB key'? Will you start producing spares
and exchange them with the next door neighbour? What if the system cannot
mount the USB device? There is risk involved.
I don't believe that many people will require /that/ much security unless
they do something illegal. Threat from the network is probably far greater,
especially with a flawed operating system in place or a poor password that
can allows breaching using brute-force.
Roy
|
|
