Re: [Tails-dev] Fwd: Re: Whole USB encryption for Tails.

Supprimer ce message

Répondre à ce message
Auteur: sajolida
Date:  
À: The Tails public development discussion list, donald.e.flood
Sujet: Re: [Tails-dev] Fwd: Re: Whole USB encryption for Tails.
Donald E. Flood wrote:
>> Just an idea, of course, (and, not mine):
>>
>> http://www.infosecramblings.com/backtrack/backtrack-5-bootable-usb-thumb-drive-with-full-disk-encryption/


Thanks for taking the time to submit that proposal.

I think that having full-disk encryption for Tails doesn't make much
sense as the clear-text partition of Tails (the system partition) is
strictly the same one for every Tails user. There no data to protect in
there. All the personal data are already stored in Persistence.

I don't know Backtrack (now Kali) very well, but I think that you can
customize permanently your system, store stuff in /home, etc. So it
makes more sense to have full-disk encryption there.

To get into more details, full-disk encryption also guarantees that
nobody without the passphrase modified or corrupted your system. This
would be a desirable feature for Tails, but in any full-disk encryption
system you still need a bootstrap partition that is necessarily in
clear-text (at least to open the encryption). So this part might get
corrupted as well and defeat the authenticity mechanism of the full-disk
encryption.

--
sajolida