Moin, Am Wed, 21 Mar 2007 14:54:36 -0600 schrieb Joe Pfeiffer:
> >b) mmap. > > I haven't come across many applications that use mmap for file i/o "Not many" is more than "none" and therefore the approach is useless, IMHO. The right[tm] approach (namely something kernel-assisted like ecryptfs/encfs) has been mentioned in the first post in this thread and encryption basically is a solved problem. There is however one rather big unsolved problem that has been ignored in this subthread: "Authentication", as Tim Newsom put it, gains us nothing, the really interesting question is where to get the key from. Key input on a mobile phone in a usable way is problematic. > >So encryptfs sounds way more useful for that usage. > > But it has the "encryption jail" drawback. Which isn't a drawback for many, but rather an advantage. Anyways, if the key input problem is solved in a satisfactorial manner then any possible adverse effect of encrypting everything should be minimal. Plus: If you really want per-file encryption that would only need some minimal modifications to the existing solutions. Or use unionfs. A different solution has been mentioned already: If all PIM data is kept in a central database anyways, then encryption can be done there. E.g. three levels: "No encryption", "Item-level encryption in PIM database", "Full filesystem encryption". -- Henryk Plötz Grüße aus Berlin ~ Help Microsoft fight software piracy: Give Linux to a friend today! ~ _______________________________________________ OpenMoko community mailing list [email protected] http://lists.openmoko.org/mailman/listinfo/community
