module design

ken_i_m at elegantinnovations.net ken_i_m at elegantinnovations.net
Tue Jan 6 03:03:54 PST 2004


On Tue, Jan 06, 2004 at 09:27:41AM +0000, Ian Molton (spyro at f2s.com) wrote:
> On Tue, 6 Jan 2004 01:24:32 -0700
> ken_i_m at elegantinnovations.net wrote:
> 
> > One where an encrypted filesystem would make sense.
> 
> why why why why?
> 
> encrypt the sensitive material. who needs an encrypted /etc/inittab ?!

Hi Ian,

Well, yes.  I was not being that fine grained in my comment.  Encrypting 
known binary files is self defeating.  It provides a massive crib to the 
analyist.

Generally, I am seeing a lot of "re-inventing of the wheel" here.  Such 
hashing over of basics has its benefits but soon enough there is a 
sizable body of history in this field that must be read.  My personal 
library is actually fairly weak in this area.  Three volumes I would 
recommend as required reading for developers would be Security Engineering 
by Ross Anderson, Practical Cryptography by Bruce Schneier, and Firewalls 
and Internet Security (2nd ed) by Cheswick, Bellovin, and Rubin.  Then
there are the books that deal with specialized areas...
-- 
I think, therefore, ken_i_m
Chief Gadgeteer, Elegant Innovations
Founder, Bozeman Linux Users Group
(406) 581-0495



More information about the hlfs-dev mailing list