Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Comment Re:Independence from Kernel Internals? (Score 1) 330

By saying that he has FIVE disks that are entirely encrypted, he gave you a clue that they were not all bootable disks. Why would one worry about putting an MBR on a non-bootable disk? If there's no MBR on the disk, why would one worry about whether it is encrypted or not?

Why is everyone so hung up on encrypting a boot record, anyway? The purpose of encrypting these disks is that one cannot take a disk away and gain access to the data. If someone had physical access to a system, where they could alter the system then put it back in place for the owner unsuspecting owner to use again, the encryption system used is not the problem. Given that level of intrusion, passwords and even biometric measures are likely to fail to protect the data. I'm not sure a secure token would be enough for that dedicated a hacker.

For less drastic protection, allowing the boot disk to load up the encryption algorithm and present a challenge and password should be sufficient. It would be very easy to configure a USB key to be the boot device for a system, and have the boot sequence mount the kernal from an encrypted disk. No MBR on the root disk at all, so the entire disk could be encrypted.

"Don't worry about people stealing your ideas. If your ideas are any good, you'll have to ram them down people's throats." -- Howard Aiken