data security

[Shachar Shemesh]

Orr Dunkelman wrote:
>
>
> I guess that the configuration may still reveal some secrets (like
> which hosts are important enough to be in /etc/hosts), but it's better
> than nothing...
>
>   
On my laptop, "most" of the data is not encrypted. I discovered that 
compiling inside an encrypted partition is horrendously slow. Still, I 
do it if the data is sensitive (e.g. - all data and sources belonging to 
clients automatically goes there). I also keep certain important stuff 
there (my email client folder, my documents folder, browser history 
etc.) This is fairly easily achieved with symbolic links.

Also, keep in mind that some things are automatically generated but 
still sensitive. The most important examples are my bash history file ( 
.bash_history under your home directory) and the database for the 
"locate" command (/var/cache/locate). The former shows a history of the 
commands I type, and the later has a list of all files on the system, 
including those inside the encrypted directory.

This configuration is more dangerous, no doubt, as it is entirely 
possible that I have missed something (do share if you think of 
anything). It works pretty well for me, however.

Shachar