On Wed, 2003-02-19 at 15:35, Erik Mouw wrote: > File level encryption gives an attacker information about the files on > your system. > > Suppose I can get hold of your disk and I want to know if you are > subscribed to linux-kernel. I just mount the disk, and if I find a file > called "dwmw2/Mail/linux-kernel", it gives me a large hint you are > indeed subscribed. No, I can't decrypt the file, but that wasn't my > purpose. I do however know the file metadata, like the filename, the > owner, modification time, length, etc. Not if the metadata were encrypted too. You speak only of block-level encryption and of file-level (i.e. application-based) encryption. But don't forget that there's a layer _between_ the applications and the block device. :) My question was what's wrong with doing encryption in the file system? -- dwmw2 -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
