data security
Orr Dunkelman
orr.dunkelman at gmail.com
Wed Feb 4 13:16:32 IST 2009
On Wed, Feb 4, 2009 at 12:02 PM, Shachar Shemesh <shachar at shemesh.biz> wrote:
> Also, keep in mind that some things are automatically generated but still
> sensitive. The most important examples are my bash history file (
> .bash_history under your home directory) and the database for the "locate"
> command (/var/cache/locate). The former shows a history of the commands I
> type, and the later has a list of all files on the system, including those
> inside the encrypted directory.
Well, there is no problem in changing the location of locate's database, right?
generate /var/sensitive/cache as a third partition, and throw there
whatever you need.
The question is whether your swap partition is encrypted or not.
In case it is not - you are probably writing too many secrets to the hard disk.
If it is - well, then I can understand why the machine is slow.
Besides that, knowing about speeds of encryption and hard drives, it
seems that if you use good ciphers, there should be no real
performance lose (I know that there is such, but I never figured out
why).
--
Orr Dunkelman,
Orr.Dunkelman at gmail.com
"a scientific man ought to have no wishes, no affections, -- a mere
heart of stone" - Charles Darwin.
GPG fingerprint: C2D5 C6D6 9A24 9A95 C5B3 2023 6CAB 4A7C B73F D0AA
(This key will never sign Emails, only other PGP keys. The key
corresponds to orrd at vipe.technion.ac.il)
More information about the Linux-il
mailing list