| 1 |
Aren't you contradicting yourself here? |
| 2 |
I don't mean to be rude, but you've managed to confuse me ;) |
| 3 |
|
| 4 |
You say: |
| 5 |
>If you used TrueCrypt for this, it would not have to work on top of a |
| 6 |
>file system. |
| 7 |
|
| 8 |
But isn't there always, in any case a filesystem? Which completely or in |
| 9 |
parts gets encrypted/decrypted by the encryption layer? |
| 10 |
|
| 11 |
Then you say: |
| 12 |
>/dev/your_usb_drive_here and then format it with your file system of |
| 13 |
>choice (go ext2 if you're comfortable with using the Windows driver |
| 14 |
>that implements it;) |
| 15 |
|
| 16 |
This seems contradictory... |
| 17 |
|
| 18 |
As I understand it, I can either have just an encrypted disk, meaning |
| 19 |
that one or all partitions can be encrypted, with say dm-crypt (or |
| 20 |
truecrypt). As long as the underlying fs is supported. |
| 21 |
Or I can use full disc encryption. Which depending on implementation |
| 22 |
also encrypts all metadata, including the mbr of the disk. For this the |
| 23 |
fs does not necessarily have to be supported within the encryption |
| 24 |
layer?! |
| 25 |
|
| 26 |
But no matter what I do, I still when decrypting 'find' a filesytem that |
| 27 |
needs to be supported by my os. |
| 28 |
|
| 29 |
Please correct me if I'm wrong! |
| 30 |
|
| 31 |
As mentioned somewhere else, I'll just split the disc, first a |
| 32 |
unencrypted ntfs partition, and then another encrypted partition (ext3 |
| 33 |
or 4 formatted). |
| 34 |
As this disc wont be accessed often, this will probably do just fine. |
| 35 |
If data needs to be moved to the encrypted ext partition, I can do |
| 36 |
that from linux if need be, and temporarily store it on ntfs. |
| 37 |
As this isn't anything really critical, and I'm not on the run, this |
| 38 |
much security lax wont harm, although obviously I'd try to avoid it. |
| 39 |
|
| 40 |
Regarding windows support for ext: |
| 41 |
|
| 42 |
Why don't you think much of it? |
| 43 |
I don't like the fact that the more well known implementation isn't |
| 44 |
opensource nor freesoftware, which the lesser known driver I'm using |
| 45 |
is. Sadly it seems not getting alot of attention these days. I've been |
| 46 |
using it for ages now, sofar no problems, performance (read only) is |
| 47 |
ok. I haven't dared go near write support though... |
| 48 |
|
| 49 |
Tom |
Archives