Hi again, > So it is not the "system administrator", but the "SafeGuard® LAN Crypt > administrator", who can read your data. Where is the difference? the SG administrator can be anybody without knowledge of the os. This could be a supervisor, a manager, a lawyer. In my oppinion for highest security this is the best solution. > this is true for luks (and any other encryption method in unix-like systems) > as well. "root" can not read the data, that was encrypted before. _But_ he can > read it, as long as the user is accessing it, due to the necessity, that the > key has to be available to the local process, that decrypts the data for the > user. The difference is that the Windows administrator can not access the data even if the users are accessing the data. A big difference from my point of view. With LUKS this is unfortunately not possible. LUKS has different aims and I just wanted to check these out. Thanks a lot for pointing them out with me. Mathias --------------------------------------------------------------------- - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
