data security

data security

Meir Michanie meirm at riunx.com
Wed Feb 4 15:09:51 IST 2009 

He asked about what to do with his broken harddisk.

> ----- Original Message -----
> Subject: Re: data security
> From: Erez D <erez0001 at gmail.com>
> To: "Meir Michanie" <meirm at riunx.com>
> CC: "linux-il" <linux-il at cs.huji.ac.il>
> Date: 04-02-2009 13:47
> 
> 
> On Wed, Feb 4, 2009 at 1:10 PM, Meir Michanie <meirm at riunx.com> wrote:
> 
> > What about  /etc/shadow  and other sensitive files? so no encrypting
your
> > root filesystem is also an issue.
> >
> > What if you put the hard drive under a very strong magnetic field?
> 
> 
> and what if your laptop is stolen ...
> 
> 
> >
> >
> > > ----- Original Message -----
> > > Subject: Re: data security
> > > From: Shachar Shemesh <shachar at shemesh.biz>
> > > To: "Orr Dunkelman" <orr.dunkelman at gmail.com>
> > > CC: "linux-il" <linux-il at cs.huji.ac.il>,"Erez D" <erez0001 at gmail.com>
> > > Date: 04-02-2009 13:02
> > >
> > >
> > > Orr Dunkelman wrote:
> > > >
> > > >
> > > > I guess that the configuration may still reveal some secrets (like
> > > > which hosts are important enough to be in /etc/hosts), but it's
better
> > > > than nothing...
> > > >
> > > >
> > > On my laptop, "most" of the data is not encrypted. I discovered that
> > > compiling inside an encrypted partition is horrendously slow. Still, I
> > > do it if the data is sensitive (e.g. - all data and sources belonging
to
> > > clients automatically goes there). I also keep certain important stuff
> > > there (my email client folder, my documents folder, browser history
> > > etc.) This is fairly easily achieved with symbolic links.
> > >
> > > Also, keep in mind that some things are automatically generated but
> > > still sensitive. The most important examples are my bash history file
(
> > > .bash_history under your home directory) and the database for the
> > > "locate" command (/var/cache/locate). The former shows a history of
the
> > > commands I type, and the later has a list of all files on the system,
> > > including those inside the encrypted directory.
> > >
> > > This configuration is more dangerous, no doubt, as it is entirely
> > > possible that I have missed something (do share if you think of
> > > anything). It works pretty well for me, however.
> > >
> > > Shachar
> > >
> > > _______________________________________________
> > > Linux-il mailing list
> > > Linux-il at cs.huji.ac.il
> > > http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >
> > _______________________________________________
> > Linux-il mailing list
> > Linux-il at cs.huji.ac.il
> > http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >

More information about the Linux-il mailing list