PINE64   ›   Pinebook Pro   ›   Linux on Pinebook Pro   ›   Encrypted disk

Thread Closed 
Encrypted disk
lordcirth
Pine Initiate
**
Joined: Nov 2019
Posts: 2

Reputation: 0
#8
11-04-2019, 01:30 PM
Quote:By the way, what does one gain by full-disk encryption? The term is misleading as one does not encrypt the /boot partition including the kernel and initrd.

If one wants to prevent someone from tempering with the root filesystem, then that's also possible by replacing the initrd with one that that includes a backdoor. The backdoor can modify the root filesystem right after it's unencrypted and before the boot continues.

A number of things, compared to filesystem-layer encryption:
  • While you can keep all private data in your homedir, it's easy to leak outside that - /var/log, swap, /etc, /tmp, etc.
  • Performance & reliability - dm-crypt translates one block device to another. eCryptFS has to implement a POSIX filesystem that saves to another POSIX filesystem.
  • Metadata leakage: while eCryptFS encrypts filenames, the directory structure, file count, file size, etc is all preserved in the encrypted version. If I can see that you have a directory with around 1000 files in it, whose directory structure and file sizes match an untarred torbrowser.tar.gz, that's information.
Thread Closed 


Messages In This Thread
Encrypted disk - by jpakkane - 09-27-2019, 02:29 PM
RE: Encrypted disk - by Arwen - 09-27-2019, 04:22 PM
RE: Encrypted disk - by Skywheel - 11-01-2019, 12:09 AM
RE: Encrypted disk - by Solra Bizna - 11-01-2019, 01:00 AM
RE: Encrypted disk - by Der Geist der Maschine - 11-03-2019, 10:49 PM
RE: Encrypted disk - by jpakkane - 11-04-2019, 11:02 AM
RE: Encrypted disk - by Der Geist der Maschine - 11-04-2019, 11:29 AM
RE: Encrypted disk - by lordcirth - 11-04-2019, 01:30 PM
RE: Encrypted disk - by Der Geist der Maschine - 11-05-2019, 08:56 PM
RE: Encrypted disk - by lordcirth - 11-06-2019, 11:07 AM
RE: Encrypted disk - by ninefathom - 11-14-2019, 06:39 AM
RE: Encrypted disk - by m80 - 11-22-2019, 01:57 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
Question Manjaro with Full Disk Encryption and GRUB dumetrulo 1 2,316 02-02-2024, 02:45 AM
Last Post: frankkinney
  Issue with booting Manjaro from encrypted NVMe drive on pbp Cs137 1 1,367 08-18-2023, 01:58 AM
Last Post: juliamenendez
  Encrypted Root jaredoconnor 1 1,314 01-19-2023, 02:27 PM
Last Post: Cs137
  Enter disk description passphrase Galaxy9 1 1,130 01-14-2023, 02:49 PM
Last Post: fxc
Information Install Void Linux with near-full-disk encryption dumetrulo 3 3,912 09-05-2022, 12:00 PM
Last Post: petersen77
  Manjaro Arm Encrypted EMMC detrexer 8 9,118 03-20-2020, 12:13 PM
Last Post: GloriousCoffee

Forum Jump:


Users browsing this thread: 5 Guest(s)