On Thu, 2 Jan 2014, Joe Zeff wrote:
On 01/02/2014 08:32 AM, Steve Searle wrote:
You would be better off using disc encryption, and claiming that you used a long pass phrase which you had written down rather than remembered, and that you had destroyed the paper it was written on.
Just to toss an idea out here. Imagine an accountant who has all of his work data on a big partition mounted at (let's say) /data. If he wanted to hide a "second set of books," he could close his accounting program, unmount the partition and restart the program, so that /data now pointed to someplace on his main partition. When he's done, he exits and remounts the partition. The data's there, you can get to it if you know what to do, but I can't help but wonder how likely anybody, such as a forensic accountant, that was examining your system would even think of such a thing. Any thoughts?
1) friend of mine many years ago used to do that -- while working full-time for a company, he created a separate filesystem on the company server for his own stuff that he would mount manually.
2) any forensic analyst that would be fooled by something like that would be a total incompetent.
rday