if you are asking how you protect your data while the OS is running and a loop-aes encrypted partition is mounted, you walk away from your laptop and someone walks up and reads your data - well obviously you shouldn't walk away from your laptop when an encrypted partition is mounted.
If you are asking how do you protect your mounted encrypted partition from an attack over a network, then that's a network+desktop security issue rather than a loop-aes issue. Obviously if an attacker has root access and your partition is mounted then they can read/alter that data.
My undretsanding is that it's best to unplug yourself from any network while using any kind of encryption, even from the power line if paranoid. For extreme paranoia, the machine should never ever be connected to any network and should be physically isolated (ie kept in a vault!).
rodger ellis <rellis@xxxxxxx> wrote:
Many thanks for all the feedbacks to my question.
In the first instance aes-loop is the way to go, but once the computer is
on and password has been applied then aes-loop has done its job -this is a very crude if perhaps incorrect assumption. Now what measures can be taken
to protect your data? for example (not a very good one as this is the other exterme) but you run a mail server, i suppose EncFS might a step in the
right direction.
The circle I am trying to complete is encryption on a labtop
against say theft or trusted parties abuseing that trust,(loop-aes) and finally trying to think of a way to protect data once the os is running.
Rodger
--
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
Ideal f�r Modem und ISDN: http://www.gmx.net/de/go/smartsurfer
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
