You are not logged in.

#1 2016-06-30 22:44:04

bangme
Member
Registered: 2016-06-17
Posts: 28

[SOLVED] Looking for thoughts on full encryption of portable HDD

Hi everyone,

I have 1 TB portable that I carry around with me for work related stuff.  It holds accounting files, VMs, proprietary market data and the like.  I have it formatted ext4 currently and no encryption.  I've read that a journaling FS can leave an encrypted partition/drive vulnerable. I'm curious to know how any of you encryption buffs would handle this use case.  I used truecrypt years ago and I know it was forked to veracrypt, is this the best way to go?  Should I reformat with something like EncFS? My external HD has built in AES256 codec hardware. Should I do a veracrypt container?  I'm not to concerned with needing plausible deniability or anything since I'm not walking around with super secret james bond shit.  I mostly want to encrypt so if some sleeze bag swipes my HD they won't be able to see anything, and secondarily if a competitor swipes my HD their ITSec people will be really annoyed for a really long time.  Thanks for your input.

Last edited by bangme (2016-06-30 23:19:25)

Offline

#2 2016-06-30 23:11:57

Slithery
Forum Moderator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 3,652

Re: [SOLVED] Looking for thoughts on full encryption of portable HDD

Journaling can lead to vulnerabilities only if you encrypt individual files/folders, not the entire block device.

The standard way to handle this is with dm-crypt.


No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

#3 2016-06-30 23:13:17

bangme
Member
Registered: 2016-06-17
Posts: 28

Re: [SOLVED] Looking for thoughts on full encryption of portable HDD

slithery wrote:

Journaling can lead to vulnerabilities only if you encrypt individual files/folders, not the entire block device.

The standard way to handle this is with dm-crypt.

Fantastic, thank you!

Offline

#4 2016-06-30 23:14:42

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 9,909
Website

Re: [SOLVED] Looking for thoughts on full encryption of portable HDD

+1 for dm-crypt.  Very mature and stable and the wiki has all you know to know.

Last edited by graysky (2016-06-30 23:15:09)


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

Board footer

Powered by FluxBB