http://brainstorm.ubuntu.com/item/23/
Swap
Home
Root
All

[787 votes] Solution #1: Auto-generated solution of idea #23


]]> en-us Thu, 28 Feb 2008 14:43:33 +0000 Fri, 17 Apr 2009 02:29:23 +0000 QAPoll module http://brainstorm.ubuntu.com/idea/23/ Thu, 28 Feb 2008 14:48:39 +0000 Thu, 28 Feb 2008 15:04:53 +0000 Fri, 29 Feb 2008 01:43:51 +0000
The only good solution is to adapt standard installer and make a support for encrypted volumes.
]]> Fri, 29 Feb 2008 09:04:59 +0000 if someone (most likely noob) screws up his system and asks for help he will most likely not know his encryption-key and his data is lost. --> Ubuntu will be the "bad Guy" who has eaten up all the data

disc-encryption is a feature for rather professional or geek use, which know what they're installing]]> Fri, 29 Feb 2008 10:36:48 +0000
The options should be full disk encryption or no encryption.

If I encrypt data, I expect it to be inaccessible. Now, consider that the data has to be decrypted to work with. What if I have data files in my home directory which are encrypted, but are loaded into an application to work with? Now, it's entirely possible that the data will be swapped to disk. If swap isn't encrypted, the data is vulnerable.

Also consider that many files may write to various temporary directories which aren't encrypted.

Partial encryption is a bad idea -- there are simply too many possibilities for data leak, especially for inexperienced users, to consider. If it's worth encrypting, it's worth doing right.]]> Fri, 29 Feb 2008 13:19:25 +0000
Enabling the full disc encryption on the run is not impossible. All it requires is X gigabytes of unallocated space for a temporary partition. Move everything there, modify grub config, reboot into configuration mode, remove the previous partitions / lvm. Create new one as encrypted, initialize it, create new fs, copy the stuff from temp partition back, fix bootloader, reboot. Voila.

The problem is... How to make it really reliable. It can screw up things. A lot.]]> Fri, 29 Feb 2008 22:26:48 +0000 Sun, 02 Mar 2008 08:29:31 +0000 It is possible to in-place encrypt an unencrypted partition, and to reverse this.

However, this is very dangerous because if the system loses power, etc. while this operation is being done, the partition is hosed.]]> Mon, 03 Mar 2008 16:39:58 +0000 Mon, 10 Mar 2008 03:30:16 +0000
During the Vietnam War, my commanding officer, Colonel Morrison, gave us orders to rob the Bank of Hanoi to help bring the war to an end. We succeeded in our mission, but on returning to our base four days after the end of the war, we found our C.O. murdered by the Viet Cong and his headquarters burned to the ground. Therefore no proof existed that the we were acting under orders, and we were sent to prison by a military court. We were sent to Fort Bragg, from which we escaped before we could actually stand trial.

We are a group of United States Army Special Forces who work as soldiers of fortune while being on the run from the military for a "crime we didn't commit".

This is why we need encryption!]]> Thu, 13 Mar 2008 00:53:31 +0000 Thu, 13 Mar 2008 03:52:36 +0000 It encrypts the entire disk while it is being used. I.e. While it is mounted.
One can even shutdown the PC during the encryption process.
It prompts for a password on cold boot and return from hibernate.
It would be nice to have a Linux whole disk encryption that could do the same. When translated into Linux, the password would be asked for before the GRUB prompt.
]]> Fri, 26 Sep 2008 18:43:48 +0000 Sun, 21 Dec 2008 08:36:09 +0000
there any news about full disk encryption in this new version???


thankz]]> Fri, 17 Apr 2009 02:29:23 +0000