[ltp] Re: Good FS for laptop

Kevin Krause linux-thinkpad@linux-thinkpad.org
Tue, 1 Jun 2004 18:19:53 +0200


Out of curiosity (and paranoia) - how does this compare performance-wise
to an unencrypted file system?

Bob:

> I've been running PPDD on top of ext3 for my ThinkPad R31 for 1.5 years
> with no problems, despite a few crashes (all but 2 being operator
> error).
> 
> PPDD is an encrypted file system available from:
> 
>      http://linux01.gwdg.de/~alatham/ppdd.html
> 
> It supports ext2, ext3, reiserfs and maybe more.  I run it on top of my
> /home and /home2 partitions.  Thus, if my laptop is shut down and
> stolen or lost, my business data is not lost.  Unless an encrypted file
> system is mounted (with a password needed for mounting), all file
> system data, including file names, is strongly encrypted and
> unavailable.
> 
> It does require some kernel patches be installed.  I don't build
> kernels every day but I am a very experienced C programmer and it took
> me about a day's effort to set up.
> 
> One also can have one's root file system encrypted due to some booting
> tools that come with it.  (The risk of not encrypting the root file
> system is that "deleted" temporary files can be found by hackers.  I
> periodically run a script that fills up all free space on each file
> system and then frees it to deal with this.)
> 
> Bob Toxen, CTO
> Fly-By-Day Consulting, Inc.
> "Your expert in Firewalls, Virus and Spam Filters, VPNs,
> Network Monitoring, and Network Security consulting"
> http://www.verysecurelinux.com       [Network & Linux/Unix Security
> Consulting] http://www.realworldlinuxsecurity.com [My 5* book: "Real
> World Linux Security"] http://www.verysecurelinux.com/sunset.html      
>              [Sunset Computer]
> bob@verysecurelinux.com (e-mail)
> 
> Author,
> "Real World Linux Security: Intrusion Detection, Prevention, and
> Recovery" 2nd Ed., Prentice Hall, (C) 2003, 848 pages, ISBN: 0130464562
> Also available in Japanese, Chinese, and Czech.
> 
> If you spend more on coffee than on IT security, you will be hacked.
> What's more, you deserve to be hacked.
> -- White House cybersecurity adviser Richard Clarke
> 
> Public key available at http://www.verysecurelinux.com/pubkey.txt,
> keyservers,
>   and on the CD-ROM that comes sealed and attached to Real World Linux
>   Security
> pub  1024D/E3A1C540 2000-06-21 Bob Toxen
> <book@realworldlinuxsecurity.com>
>      Key fingerprint = 30BA AA0A 31DD B68B 47C9  601E 96D3 533D E3A1
>      C540
> sub  2048g/03FFCCB9 2000-06-21


-- 
nibbler - up 1 day, 3:48, 1 user, load average: 0.02, 0.10, 0.16