Sorry for my ignorance in this respect, I hope you can help me. I'm actually using encfs to protect my sensitive data, but this is what is said in the manual:
"""The most intrusive attacks, where an attacker has complete control of the user’s machine (and can therefor modify EncFS, or FUSE, or the kernel itself) are not guarded against. Do not assume that encrypted files will protect your sensitive data if you enter your password into a compromised computer. How you determine that the computer is safe to use is beyond the scope of this documentation.""" So my question is: how can I truly protect a filesystem against offline attacks? I have thinking of using an SD card for storing the passwords in, and some kind of script or program to automatically retrive password from the card when needed. Then, if I retire the card, then my filesystem is secure. But I also have more questions... is the AES encoder that encfs uses by default secure enough? If not, is there another way to use another one, for example, GnuPG? Thank you. -- gpg --keyserver pool.sks-keyservers.net --recv-keys AFC23C68 -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org