How to protect an encrypted file system for off-line attack?
- From: Javier <javuchi@xxxxxxxxx>
- Date: Sat, 21 Feb 2009 17:16:17 +0100
Sorry for my ignorance in this respect, I hope you can help me.
I'm actually using encfs to protect my sensitive data, but this is what
is said in the manual:
"""The most intrusive attacks, where an attacker has complete control of
the user’s machine (and can therefor modify EncFS, or FUSE, or the
kernel itself) are not guarded against. Do not assume that encrypted
files will protect your sensitive data if you enter your password into a
compromised computer. How you determine that the computer is safe to
use is beyond the scope of this documentation."""
So my question is: how can I truly protect a filesystem against offline
attacks?
I have thinking of using an SD card for storing the passwords in, and
some kind of script or program to automatically retrive password from
the card when needed. Then, if I retire the card, then my filesystem is
secure.
But I also have more questions... is the AES encoder that encfs uses by
default secure enough? If not, is there another way to use another one,
for example, GnuPG?
Thank you.
--
gpg --keyserver pool.sks-keyservers.net --recv-keys AFC23C68
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
- Follow-Ups:
- Re: How to protect an encrypted file system for off-line attack?
- From: Jordi Gutiérrez Hermoso
- Re: How to protect an encrypted file system for off-line attack?
- From: Jeff Soules
- Re: How to protect an encrypted file system for off-line attack?
- From: Ron Johnson
- Re: How to protect an encrypted file system for off-line attack?
- Prev by Date: Re: Java in Debian 5
- Next by Date: Re: How to protect an encrypted file system for off-line attack?
- Previous by thread: good webcam for Linux (low light, mic, 'just works')
- Next by thread: Re: How to protect an encrypted file system for off-line attack?
- Index(es):
Relevant Pages
|
