gabriel rosenkoetter on Fri, 8 Dec 2000 12:17:51 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Linux Crypto File Systems


Friend of mine is one of the co-founders of HavenCo (the data store
company based on Sealand... typical domain name conventions apply),
where they have various physical and software encryption devices.
(If anyone tries to physically move the servers without knowing
the appropriate key, the data is immediately rendered unuseable.)
The last time I bugged him about it, he was in a bit of a hurry, and
so didn't go into detail, but at least some of the stuff they're
using is freely available (with the caveat that some of it's illegal
in the US and other portions of it is actually really expensive,
military-grade stuff), and (some) details will eventually get posted
on www.havenco.com.

So, it is possible to *really* lock things down, but, in Philly,
getting a good deadbolt lock and putting up a sensible, stateful
firewall is probably sufficient. Encrypting your file system strikes
me as a bit ridiculous, since, by the time someone's actually got
any kind of access to your files, you're screwed. (Sure, encrypt
your file system... but what if they buffer overflow something and
union mount over your fancy, encrtyped fs? Whoops...)

       ~ g r @ eclipsed.net


______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug