[Noisebridge-discuss] Encryption in the Ubuntu LiveCD installer
Seth David Schoen
schoen at loyalty.org
Thu Apr 28 22:43:57 UTC 2011
Micah Lee writes:
> If you can just click "encrypt my hard drive" during the install, a lot
> of people who have no idea that whole disk encryption is an option with
> Ubuntu will have much stronger security. And I'll finally be able to
> download the normal desktop CD to install Ubuntu.
I totally agree with this.
The normal CD does support home directory encryption, via ecryptfs,
instead of full disk encryption. Unfortunately ecryptfs is slow
and doesn't scale well to large directories (the metadata for
each file is separately encrypted and requires a separate disk
read and crypto operation per-file for stat or readdir) so people
who check the crypto box may end up with a dim view of how efficient
disk crypto is. (I think ecryptfs could be a good choice for a
system that's commonly used by multiple users, but not for the
increasingly common case of a basically single-user laptop.)
--
Seth David Schoen <schoen at loyalty.org> | Qué empresa fácil no pensar en
http://www.loyalty.org/~schoen/ | un tigre, reflexioné.
http://vitanuova.loyalty.org/ | -- Borges, El Zahir
More information about the Noisebridge-discuss
mailing list