At 09:34 AM 02/06/2003 -0500, Tyler Durden wrote:
Depends on the operating system you're running and theI've got a question...If you actually care about the NSA or KGB doing a low-level magnetic scan to recover data from your disk drives, you need to be using an encrypted file system, period, no questions.OK...so I don't know a LOT about how PCs work, so here's a dumb question.
file system encryption program you're running
and the options you've picked when running them.
(There are no dumb questions, just questions leading to overly-general answers...)
As far as "slowing down the PC" goes, it depends a lot on how fast yourWill this work for -everything- that could go on a drive? (In other words, if I set up an encrypted disk, will web caches, cookies, and all of the other 'trivial' junk be encrypted without really slowing down the PC?)
CPU is, how much memory you've got, how fast your disks are,
how overloaded your machine is already, etc.
On newer machines, this isn't too likely to be a problem,
and older machines can be fixed by not running Windows....
If you're a gamer, you're more likely to worry about the performance,
but more likely to have a fast enough CPU...
The usual things you need to protect are
- Files and filenames and directories - almost everything does this
- Swap Space - this one's often hardest to get right,
depending on the operating system.
- Temp files and log files that let you decide where to put them
- Temp files and log files that don't document where to put them
(Windows is full of these....)
- File Systems / Partitions / etc. - many of the programs let you create
additional virtual disks (e.g. D:, E:, F: on Windows, cute icons on Macs),
but not all the programs can do C: or Unix "/" root drives.
Creating additional virtual disks doesn't usually give you
encrypted swap space or encrypted undocumented temp directories,
unless you've got an operating system that lets you
specify where the swap goes and only enable it after
turning on the encrypted drive.
If you want to know what PGPdisk does off the shelf,
with the current incarnations of PGP.com and PGPdisk, I'd say ask Jon Callas.
The reason I ask is that's it's very easy to imagine that, say, FedGroup X wants to take out some outspoken or otherwise questionable person by secretly introducing some kiddie porn or whatnot onto the drive. 15 minutes later they burst through the door and grab the PC.
If they can "secretly introduce" things onto your disk, you've got a
raft of other problems - can they secretly introduce a password stealer?
On the other hand, they could email you some thoughtcrime and then bust in,
or stego it into legitimate things you're downloading
("Wow, Yahoo Maps seems sss.lll.oooo.www Today!")
("This new freebie game 'Trojan Horse' is fun, but the download's pretty big!)
