Chris Croswhite wrote:
Hello,
I am not quite clear on this issue and ask for comments. I have a
laptop going out with an employee that will use mcrypt to crypt some
files on the hard drive. As this computer has XFS, how can I be sure
that the original files will not be recovered from the journal?
Two things:
1) The XFS journal does not include file data, just meta-data.
(That is, filesystem structure/control information)
2) mcrypt runs above the filesystem which would mean that the
filesystem never saw the unencrypted data. So, even if
user data was in the journal, it too would be encrypted.
Having said that, there is one issue that can not be directly
addressed here. That is information that can be learned by the
names one gives a file. Unless you pick cryptic names for files
you could, say, have "LetterToBillGates.doc" or "Resume.html" or
"IBM-DistributionDeal.xml" and thus while the contents of the
file are cryptic, the fact that you are talking with Bill Gates
and have some distribution deal with IBM will be seen.
--
Michael Sinz -- Director, Systems Engineering -- Worldgate Communications
A master's secrets are only as good as
the master's ability to explain them to others.
|