On 06.11.2009, Si St wrote: > Is the security problems as to e.g. watermarks also affecting gnuPG? Well, I would think so if the ECB is used GnuPG uses CFB mode of operation (as defined in the OpenPGP standard), it's a streaming version of CBC and is therefore not vulnerable to watermarking. Please folks, correct me if I'm wrong. > I am a doctor and transfers daily info of thousands of patients every day on a USB-stick. > Before I used to plaintextcopy them all to the stick, but now I always encrypts it as a tar-file with gpg. > I transfer the journals from my office machine to home machines.... In my opinion, you're better off using LUKS/dmcrypt on the USB-stick. In addition, the whole system should be encrypted as well, to handle leaking of the passphrase/key. > The office machine is an old SuSE 7.3 !! with hardware from the year of the Lord 2001. > But this machine is NOT configured to internet - it is only a stand alone machine. This machine needs to be updated. A whole lot of things changed since 2001. > Was sagst du über diese Sache, mein lieber Heinz? Stubborness and remnant Newbie, maybe. I would update / replace the old machine with a new one, install some recent Linux distribution on it, with encrypted filesystems (incl. root/swap), and prepare the USB stick with a LUKS/dmcrypt formatted partition. Newer Linux kernels also provide a bunch of modes of operation which are not vulnerable to watermarking (XTS...). Alternatively, you could use an SSH tunnel using autorization via RSA-key from/to your home/workingplace machine and drop carrying sensitive data on your memory stick. _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
