Anthony Thyssen

by trisz
Dec 17 2007
I would NEVER EVER open an encrypted filesystem in a graphical window manager. Period.

The problem is that they all like to create 'icon' files which typically get stored in a sub-directory of your home, outside the encrypted file system.

If someone was to steal your laptop, or break into your machine, they can get a really good idea of what you have encrypted by just looking at these icons.

Even if you don't have images, movies, or PostScript files in your encrypted folder that generate visible thumbnails, the black hats can still get an idea of what file names you are using from the thumbnails and any possible browsing history it may keep.

Even with command line shells you need to keep in mind shell history, and take appropriate measures to protect yourself. Same goes for editors that could make use of /tmp.

Now don't get me wrong. I use EncFS a lot, and not just for files I want secure, but for a lot of less important files too (the more you have, the harder it is to separate the chaff or fake un-decipherable data). But you can't just use it blindly.
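An audit for the thumbnail leak described in the comment above, added here as an example and not part of the original comment. It assumes the desktop follows the freedesktop.org thumbnail convention (PNG thumbnails with a `Thumb::URI` text chunk under `~/.cache/thumbnails`, or `~/.thumbnails` on older systems), which the comment does not specify; the `~/Private` mount point and all function names are hypothetical.

```python
import os, struct, sys, zlib
from urllib.parse import unquote, urlparse

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def thumb_uri(data):
    """Return the Thumb::URI tEXt value of a PNG thumbnail, or None."""
    if not data.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        body = data[pos + 8:pos + 8 + length]
        if ctype == b"tEXt" and body.startswith(b"Thumb::URI\x00"):
            return body.split(b"\x00", 1)[1].decode("latin-1")
        pos += 12 + length  # 4 length + 4 type + body + 4 CRC
    return None

def leaked_paths(cache_dir, mount_point):
    """Original file paths under mount_point that cache_dir still records."""
    root = os.path.join(os.path.abspath(mount_point), "")
    hits = []
    for dirpath, _, names in os.walk(cache_dir):
        for name in names:
            with open(os.path.join(dirpath, name), "rb") as fh:
                uri = thumb_uri(fh.read())
            if uri and uri.startswith("file://"):
                path = unquote(urlparse(uri).path)
                if path.startswith(root):
                    hits.append(path)
    return sorted(hits)

def _chunk(ctype, body):
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def make_sample_thumb(uri):
    """Constructed sample: a header-only PNG carrying just the URI chunk."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    text = b"Thumb::URI\x00" + uri.encode("latin-1")
    return (PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"tEXt", text)
            + _chunk(b"IEND", b""))

if __name__ == "__main__":
    # Assumed defaults; pass the cache directory and mount point as arguments.
    cache = sys.argv[1] if len(sys.argv) > 1 else "~/.cache/thumbnails"
    mount = sys.argv[2] if len(sys.argv) > 2 else "~/Private"
    for p in leaked_paths(os.path.expanduser(cache), os.path.expanduser(mount)):
        print(p)
```

Any path it prints is a file name from the encrypted mount that remains readable in the unencrypted home directory after the volume is unmounted.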
