On Sun, 2007-06-10 at 06:39 -0700, Kai Ponte wrote: > On Fri, June 8, 2007 1:29 pm, Carlos E. R. wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > > > The Friday 2007-06-08 at 13:06 -0400, George Stoianov wrote: > > > >> Guys lets not forget that encrypting a partition is only protecting > >> data when the computer is turned off i.e. none can just start it and > > > > Obviously. I haven't forgotten that. But referent to the OP mail, it > > is > > theft of the portable computer what the company is worried about; and > > the > > highest risk of theft is when on the move, with the portable off and > > inside its bag. > > Yes, that *is* my concern. > If the content of /home, or /home/johndoe is to be protected at all cost, one might think about using tokens...
Eventough PIN/PUK are virtually impossible to break, the token should never be kept with the notebook (with a post-it memo with the pin&puk-code ;), but in your wallet or key-chain. If the notebook got nicked, the thief only sees a free-and-open O.S. And even *if* he can log in, as root, he can not decipher anything without the token and the knowledge of it's pin-code. Having said this, do you access you data from linux/bsd-only machines? If so, (and the sensitive data is not to much..) why not put that part of your data on an encrypted usb-stick? HW -- pgp-id: 926EBB12 pgp-fingerprint: BE97 1CBF FAC4 236C 4A73 F76E EDFC D032 926E BB12 Registered linux user: 75761 (http://counter.li.org) -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]