Yesterday I installed Ubuntu 10.10 on my laptop, and have a couple quick encryption-related comments.
I installed from the alternate install image. The standard image does not include encrypted LVM. It does, however, allow one to encrypt user home directories. Is this good enough? No.
(1) In Ubuntu, encrypting a user's home directory fails to protect users who lose their passwords. This could happen a number of ways. It happened to me once via shoulder surfing. Many people use the same password for multiple services--a bad idea. The user password and encryption pass phrase should be distinct.
(2) Users tend to use weak passwords. Hopefully they choose better pass phrases.
(3) With just the home directory encrypted, swap is in the clear. This is a well-known leak and part of why secure software generally overwrites passwords and keys in memory as soon as they are no longer needed. Garbage collection is not good enough for keys. In general any data could show up in swap, and so swap should be encrypted.
No comments:
Post a Comment