Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Independence from Kernel Internals? (Score 1) 330

by jdbear (#22383934) Attached to: TrueCrypt 5.0 Released, Now Encrypts Entire Drive
By saying that he has FIVE disks that are entirely encrypted, he gave you a clue that they were not all bootable disks. Why would one worry about putting an MBR on a non-bootable disk? If there's no MBR on the disk, why would one worry about whether it is encrypted or not?

Why is everyone so hung up on encrypting a boot record, anyway? The purpose of encrypting these disks is that one cannot take a disk away and gain access to the data. If someone had physical access to a system, where they could alter the system then put it back in place for the owner unsuspecting owner to use again, the encryption system used is not the problem. Given that level of intrusion, passwords and even biometric measures are likely to fail to protect the data. I'm not sure a secure token would be enough for that dedicated a hacker.

For less drastic protection, allowing the boot disk to load up the encryption algorithm and present a challenge and password should be sufficient. It would be very easy to configure a USB key to be the boot device for a system, and have the boot sequence mount the kernal from an encrypted disk. No MBR on the root disk at all, so the entire disk could be encrypted.

"Mr. Watson, come here, I want you." -- Alexander Graham Bell