Comments on: Disk encryption in Fedora: Past, present and future http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/ Red Hat Magazine Thu, 24 Jul 2008 16:04:51 +0000 http://lyceum.ibiblio.org/?v=1.0.2 by: Un disco USB cifrato con Fedora Core 6 « ACM Sistemi ~ How to Linux, Mac, Windows http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-93910 Thu, 05 Jun 2008 10:57:50 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-93910 [...] L’articolo di RedHat Magazine che ha reso possibile questo documento:http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/. [...] […] L’articolo di RedHat Magazine che ha reso possibile questo documento:http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/. […]

]]> by: venkat http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-78666 Tue, 06 May 2008 12:36:39 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-78666 I am using fedora core 2. I want to enable file system encryption. How can i acheive this I am using fedora core 2. I want to enable file system encryption. How can i acheive this

]]> by: Tech, How to, Software Reviews, Linux, Dog, Make Money Online with AhTim http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-70917 Fri, 25 Apr 2008 01:25:39 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-70917 <strong>Free Data Encryption Tool</strong> I have showed you the way to protect files and folders with Folder Protector 5.0. Have you take action to protect your confidential files and folders? Well, its all depends on your needs. But I highly recommend you to protect them or at least encrypt t... Free Data Encryption Tool

I have showed you the way to protect files and folders with Folder Protector 5.0. Have you take action to protect your confidential files and folders? Well, its all depends on your needs. But I highly recommend you to protect them or at least encrypt t…

]]> by: TAMA http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-47127 Fri, 18 Jan 2008 06:21:02 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-47127 Run TRUECRYPT Easily On FEDORA - I HAVE THIS PATCH! Visit my blog here http://worldoftama.blogspot.com/. Download the installers and runtruecrypt file and do as directed. BINGO! u have it! http://worldoftama.blogspot.com/ Run TRUECRYPT Easily On FEDORA - I HAVE THIS PATCH! Visit my blog here http://worldoftama.blogspot.com/. Download the installers and runtruecrypt file and do as directed. BINGO! u have it! http://worldoftama.blogspot.com/

]]> by: wev http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-25713 Tue, 09 Oct 2007 02:15:43 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-25713 I spent 15 minutes typing an intelligent reply which got borkes with the message "your token has expired, please reload page" As a result I have nothing to contribute to this page. I spent 15 minutes typing an intelligent reply which got borkes with the message “your token has expired, please reload page”

As a result I have nothing to contribute to this page.

]]> by: Msquared http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-12387 Tue, 26 Jun 2007 18:52:53 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-12387 If you really want to hide data, and even make it plausibly deniable, you need something like stegfs. Unfortunately, that project has suffered due to lack of time for the developers to continue it. Details: http://www.mcdonald.org.uk/StegFS/ http://stegfs.sourceforge.net/ If you really want to hide data, and even make it plausibly deniable, you need something like stegfs. Unfortunately, that project has suffered due to lack of time for the developers to continue it.

Details:

http://www.mcdonald.org.uk/StegFS/
http://stegfs.sourceforge.net/

]]> by: John Hagtharp http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-7416 Mon, 28 May 2007 06:41:10 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-7416 Couldn't read this thread without feeling the need to correct Bruno's misunderstanding about Truecrypt hidden volumes. The hidden volume is NOT an unpartitioned area of a disk. The way it works is: 1. Create a truecrypt volume. (whole thing gets randomized) 2. Create a filesystem on it. 3. Stick some confidential looking files on it. 4. Create a hidden truecrypt volume which will occupy the free space area within the filesystem you created in step 2. This hidden volume just looks like legitimate free space within the filesystem on the encrypted volume. It is randomized but so is the rest of the volume so no way to detect it is there. I can't comment on other aspects of how secure truecrypt is. Couldn’t read this thread without feeling the need to correct Bruno’s misunderstanding about Truecrypt hidden volumes.

The hidden volume is NOT an unpartitioned area of a disk. The way it works is:

1. Create a truecrypt volume. (whole thing gets randomized)
2. Create a filesystem on it.
3. Stick some confidential looking files on it.
4. Create a hidden truecrypt volume which will occupy the free space area within the filesystem you created in step 2.

This hidden volume just looks like legitimate free space within the filesystem on the encrypted volume. It is randomized but so is the rest of the volume so no way to detect it is there.

I can’t comment on other aspects of how secure truecrypt is.

]]> by: Billy Huang http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-7386 Sun, 27 May 2007 16:13:01 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-7386 xjlittle: I read your note above about using HIPPA security. I don't know the full extent of your required implementation, but thought if you're looking for cross-platform encryption, would it be sufficient to create an encrypted hard disk on say a linux server, and share this as a windows device using SAMBA? This would been the data would be encrypted on your server, however there is nothing to stop your users copying the unencrypted files to their local machine, unless maybe you disable write access to all directories except the SAMBA share (say for their user home directory). Just an idea. Billy. xjlittle:

I read your note above about using HIPPA security. I don’t know the full extent of your required implementation, but thought if you’re looking for cross-platform encryption, would it be sufficient to create an encrypted hard disk on say a linux server, and share this as a windows device using SAMBA? This would been the data would be encrypted on your server, however there is nothing to stop your users copying the unencrypted files to their local machine, unless maybe you disable write access to all directories except the SAMBA share (say for their user home directory). Just an idea.

Billy.

]]> by: E.A.H. http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-1735 Wed, 21 Mar 2007 09:03:52 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-1735 Regardless of your approach, hidden volumes in TrueCrypt represent snake-oil and the illusion of security. The concept encounters a catch-22 situation where it suffers from either a known-plaintext attack against the metadata (identifying header information) or a situation of IMplausible deniability. Neither alternative is acceptable and both represent serious problems with crypto implementation. Until TrueCrypt is reviewed by reputable experts in the field (Bruce Schenier, et al) the product is suspect, anyhow. Implementing crypto properly is extremely complex and subject to numerous pitfalls for non-experts. Little is known about key-handling, for instance, in this product. These types of "unknowns" are the source of many errors. -Me Regardless of your approach, hidden volumes in TrueCrypt represent snake-oil and the illusion of security. The concept encounters a catch-22 situation where it suffers from either a known-plaintext attack against the metadata (identifying header information) or a situation of IMplausible deniability. Neither alternative is acceptable and both represent serious problems with crypto implementation.

Until TrueCrypt is reviewed by reputable experts in the field (Bruce Schenier, et al) the product is suspect, anyhow. Implementing crypto properly is extremely complex and subject to numerous pitfalls for non-experts. Little is known about key-handling, for instance, in this product. These types of “unknowns” are the source of many errors.

-Me

]]> by: W. Michael Petullo http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-133 Sun, 04 Feb 2007 10:34:25 +0000 http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/#comment-133 Eric Hopper, one may use pam_mount to mount an encrypted home directory. See an article I wrote for the Linux Journal titled "Implementing Encrypted Home Directories," http://www.linuxjournal.com/article/6481. Eric Hopper, one may use pam_mount to mount an encrypted home directory. See an article I wrote for the Linux Journal titled “Implementing Encrypted Home Directories,” http://www.linuxjournal.com/article/6481.

]]>