[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Disk encryption and installing new versions of Fedora

--- Robin Laing <Robin Laing drdc-rddc gc ca> wrote:

> Mike wrote:
> > Mike <mike.cloaked <at> gmail.com> writes:
> > 
> >> Can any experts who know about this comment please?
> >>
> >> If disk encryption using dm-crypt/luks is not fully supported then what tools 
> >> or changes might be required within the distribution to properly support this
> >> facility?  Is this going to get more support in F9?
> > 
> > No-one interested in disk encryption?  It is I understand supported
> > well in Ubuntu! Fedora should be just as secure in this regard - surely? 
> > 
> > 
> > 
> > 
> Hi Mike,
> I have been looking into this over the Xmas holidays and I am interested 
> and would prefer a clean install with total encryption.
> After spending some time looking at forensic tools and how easy it is to 
> pull data from hard drives is interesting.  One reason I want to do 
> encryption.
> I am about to encrypt the swap and tmp on my laptop.  Then to extend it 
> to the home directory.  Once I know that the laptop is working as 
> expected, the desktop is next.  I have to ensure that the laptop is 
> working properly so my wife doesn't kill me.  :)
> I am doing this at home so all the links and info I have are bookmarked 
> there.  It isn't straight forward and as easy as I would expect hope. 
> The options are open to which way to accomplish this.
> I would like to have each users /home encrypted with their own key but 
> without the hassle of knowing how much space they will need.  I need the 
>   to see the system encrypt/decrypt users files without the need to 
> partition the /home mount for each user.
> There are many tools for Windows and I see that there is a simple way in 
> Ubuntu to add encryption.  As stated on this list, many are in need of 
> encryption to keep using Linux at work.  I think we are about a year 
> away from that ourselves.

Are that many people really that careless with their laptops? I think people worry too much about
encrypting laptops. If a company has it's shit together they are not letting you go home with
sensitive info(They should be preventing cd burning and removable media,disabling such actions
,even not having such devices installed, no usb ports on PC's, physical locks on PC case,no
offline files, etc...), all data should be backed up to a network location that has strict
security. A well thought out security scheme considers this and more. If you are among the few
that are allowed to do so (a handful maybe?) then hopefully you are not so irresponsible as to
leave it unsecured (by which i mean out of your sight) If someone targets you because of your job
then its probably fair to say that you deal with sensitive info, so they will( by which i mean i
would) be counting on encryption and be prepared to deal with it. Most of the high profile stories
i have seen involve employees taking home info they should not have in the first place. Again the
organization's IT Dept. should be disabling cd burning and removable media to reduce the incidence
of such cases.Prevent the copying of files off the local volume or network location. Considering
average "real world" user skill levels that would probably prevent most such incidents.
> Lack of encryption on the install could stop the usage of RedHat 
> products in many locations.
> Depending on the situation, multiple levels of encryption will be 
> required.  Drive, directory and then file.
> -- 
> Robin Laing

> -- 
> fedora-list mailing list
> fedora-list redhat com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Never miss a thing.  Make Yahoo your home page. 

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]