On Sun, Jul 02, 2006 at 10:57:42AM -0600, Chris Kuethe wrote:
> Bear in mind that if you're serious about keeping plaintext away from
> people who you don't want to see it, this could get quite tricky.
>
> What happens if an application generates temporary files? What happens
> if an application swaps? What happens if an application crashes and
> dumps core? What happens if the kernel crashes and dumps core?
Well, in that case, you are usually sufficiently alerted to clean out
the relevant parts of the disk.
(Note that the case where you do not have administrator access is not
relevant, as root can read your files any time you can, anyway.)
> What
> happens if you accidentally copy and past some content into your
> shell, thereby logging it into your .history?
>
> Certain editors (vim for sure, probably emacs too) can encrypt your
> files on the fly. I don't use that feature, but if you do, make sure
> they handle temp files properly, etc.
>
> Be very careful - just because your long-term, bulk storage is
> encrypted there is no guarantee that you haven't left plaintext
> anywhere.
But this is still good advice; a crashing kernel is not very believable,
but such mundane mistakes are likely to provide at least snippets of
information.
More importantly, a file like ~/.viminfo contains quite a bit of
information. I *suppose* vim handles encrypted files in a sane fashion,
but I am not sure.
> And that's not even taking into account that the thief might just put
> trojan horses all over your laptop before letting you have it back.
> Think of how often you hear of windows machines being turned into
> spambots with keyloggers. Just because it seems to be mostly windows
> machines doesn't mean it can't happen. *NIX makes it easy for even a
> moderately competent programmer to write a trivial keylogger.
If you do *that*, however, you are just being stupid. Wipe and
reinstall; if the data is important, preserve that - but no binaries or
somesuch.
Joachim
