Jeff Abrahamson on 11 Dec 2003 14:50:03 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Re: Thoughts on creating a virtual file system


On Thu, Dec 11, 2003 at 01:58:28PM -0500, Mike Leone wrote:
> Walt Mankowski (waltman@pobox.com) had this to say on 12/11/03 at 12:08: 
> > On Thu, Dec 11, 2003 at 11:53:58AM -0500, gabriel rosenkoetter wrote:
> > > On Wed, Dec 10, 2003 at 04:51:34PM -0500, Jeff Abrahamson wrote:
> > > > Then why not have a designated directory that you rsync around.  You
> > > > could even use the -C option if changes are sparse enough and you want
> > > > to go both ways.  What do you get by having your file system in a file
> > > > and mounted with loopback?
> > > 
> > > I get the feeling that he may not have control over the computer
> > > where he's working, and may not want to ever actually leave files on
> > > it. (Say, a lab machine, or a shared for-contractors system as a
> > > contract employee.)
> > 
> > It's no harder to delete a directory of files than a single file.
> 
> It is when they cancel your contract while you're not onsite. And now you've
> left files there, with no way of retreival. If you do this virtual file
> system thing on a USB flash drive on your keychain, you take copies of all
> your information, notes, etc, whenever you leave the rpemises. And it's more
> portable than a CD, requires no burner hardware, etc.

This relates to a discussion we were just having here over lunch.
Even on a home machine where we trust things, there's some advantage
to having an encrypted loop-back file system that you mount when you
log in (or the first time you log in after reboot).  Then you can put
~/.gnupg/ and anything else that needs to be really secure on that
file system.  If the machine is ever stolen or the disk dies, you have
no worry of confidential data being left on the drive.

I have a couple old drives that I'm probably going to take a hammer to
just because I don't need them and don't feel like setting up a whole
machine (or taking down an existing one) just to wipe the sensitive
info like my gpg keychain.

-- 
 Jeff

 Jeff Abrahamson  <http://www.purple.com/jeff/>
 GPG fingerprint: 1A1A BA95 D082 A558 A276  63C6 16BF 8C4C 0D1D AE4B

Attachment: pgpVh952fchxD.pgp
Description: PGP signature