Somewhat OT, encryption question
Bill Oliver
vendor at billoblog.com
Wed Nov 26 20:42:19 UTC 2014
On Wed, 26 Nov 2014, Bruno Wolff III wrote:
> On Wed, Nov 26, 2014 at 17:39:34 +0000,
> Bill Oliver <vendor at billoblog.com> wrote:
>>
>> For the HP issue, the fix is easy -- you just delete the command to check
>> during boot up. But, I was thinking about this as an encryption option --
>> where one could encrypt files in a way that automatically incorporates
>> hardware information with the passphrase. That way, if someone were to
>> intercept a file and knew your passphrase, they would still not be able to
>> decrypt the file unless they did it on one specific machine.
>
> What threats are you trying to counter? The normal putting file systems on
> top of a luks container should be good enough for a lot of threats.
>
I don't want someone to be able to image my disk and unencrypt it on a
different machine if they have intercepted my passphrase.
billo
More information about the users
mailing list