root encryption vs just /home encryption?
Ralf Ertzinger
fedora at camperquake.de
Tue Mar 25 09:45:09 UTC 2008
Hi.
On Tue, 25 Mar 2008 02:38:38 -0700, Andrew Farris wrote:
> You're probably right about that, but they should be relevant. If a
> machine containing my information is lost/stolen I do not care
> whether the company thinks their encryption on it was *probably* good
> enough, I should be notified the information is out of their control.
Even assuming the memory-pull-attack is technically feasible and workable
under non-lab conditions I (as an attacker) would rather go against weak
passwords or use trojans to get your secret data. I don't think that
throwing all our resources on this specific attack is a good use of
our time.
More information about the fedora-devel-list
mailing list