/> Although I'm not quite sure why you would do full disk encryption on
a running server [...] Are these systems running in a insecure location?/
Last year one of my clients in a "secure" Seattle office building
got hit by theft. They lost workstations and laptops.
But even if your servers are in a 24/7 manned data center, HIPAA or
PCI compliance can require that customer records be kept on encrypted
storage. Consider that a hospital or corporation has absolutely no
control over who the data center hires, and yet, they have liability for
protecting customer privacy. Usually they don't even know the names of
the people who have physical access to the servers, let alone any degree
of control or visibility into when and where those employees are.
The performance of full-disk encryption is good enough on modern
hardware that I can't see why anyone would ever NOT use encryption. The
one exception being heavily loaded public web servers or large database
servers where the extra disk I/O performance is important and/or there
is no private information kept.
(Also, it's a selling point for my consulting services. My clients
include some big, high-tech companies. They feel better when I tell
them all their data is stored on encrypted media.)
/> ...on a MythTV box/
http://www.slashfilm.com/us-copyright-group-sues-20000-individual-movie-torrent-downloaders-lawsuits-targeting-30000-more-are-on-the-way/
http://www.betanews.com/article/MPAA-Sues-Grandfather-for-600000/1130957894
http://www.broadcastingcable.com/article/102880-MPAA_Sues_Individuals_Over_Swapping.php
Etc.
--Derek
On 02/09/2011 02:45 PM, Bill Thompson wrote:
On Wed, 2011-02-09 at 12:09 -0800, Derek Simkowiak wrote:
/> I haven't messed with Deb or Ubuntu yet, [...]/
Ubuntu will do what you want.
I use the full-disk encryption from the Ubuntu installer
(dm-crypt). I use it on 100% of my computers, incl. all my VM servers,
my netbook, and my MythTV box.
Debian will create encrypted file systems from the basic curses
installer as well.
Although I'm not quite sure why you would do full disk encryption on a
running server or why you would want the encryption overhead on a MythTV
box. Are these systems running in a insecure location?