[ltp] Re: Good FS for laptop
Kevin Krause
linux-thinkpad@linux-thinkpad.org
Tue, 1 Jun 2004 18:19:53 +0200
Out of curiosity (and paranoia) - how does this compare performance-wise
to an unencrypted file system?
Bob:
> I've been running PPDD on top of ext3 for my ThinkPad R31 for 1.5 years
> with no problems, despite a few crashes (all but 2 being operator
> error).
>
> PPDD is an encrypted file system available from:
>
> http://linux01.gwdg.de/~alatham/ppdd.html
>
> It supports ext2, ext3, reiserfs and maybe more. I run it on top of my
> /home and /home2 partitions. Thus, if my laptop is shut down and
> stolen or lost, my business data is not lost. Unless an encrypted file
> system is mounted (with a password needed for mounting), all file
> system data, including file names, is strongly encrypted and
> unavailable.
>
> It does require some kernel patches be installed. I don't build
> kernels every day but I am a very experienced C programmer and it took
> me about a day's effort to set up.
>
> One also can have one's root file system encrypted due to some booting
> tools that come with it. (The risk of not encrypting the root file
> system is that "deleted" temporary files can be found by hackers. I
> periodically run a script that fills up all free space on each file
> system and then frees it to deal with this.)
>
> Bob Toxen, CTO
> Fly-By-Day Consulting, Inc.
> "Your expert in Firewalls, Virus and Spam Filters, VPNs,
> Network Monitoring, and Network Security consulting"
> http://www.verysecurelinux.com [Network & Linux/Unix Security
> Consulting] http://www.realworldlinuxsecurity.com [My 5* book: "Real
> World Linux Security"] http://www.verysecurelinux.com/sunset.html
> [Sunset Computer]
> bob@verysecurelinux.com (e-mail)
>
> Author,
> "Real World Linux Security: Intrusion Detection, Prevention, and
> Recovery" 2nd Ed., Prentice Hall, (C) 2003, 848 pages, ISBN: 0130464562
> Also available in Japanese, Chinese, and Czech.
>
> If you spend more on coffee than on IT security, you will be hacked.
> What's more, you deserve to be hacked.
> -- White House cybersecurity adviser Richard Clarke
>
> Public key available at http://www.verysecurelinux.com/pubkey.txt,
> keyservers,
> and on the CD-ROM that comes sealed and attached to Real World Linux
> Security
> pub 1024D/E3A1C540 2000-06-21 Bob Toxen
> <book@realworldlinuxsecurity.com>
> Key fingerprint = 30BA AA0A 31DD B68B 47C9 601E 96D3 533D E3A1
> C540
> sub 2048g/03FFCCB9 2000-06-21
--
nibbler - up 1 day, 3:48, 1 user, load average: 0.02, 0.10, 0.16