grarpamp:
> On Wed, Jul 2, 2014 at 7:46 AM, Kali Tor <[email protected]> wrote:
> > I have done all that, so covered on that aspect. Was wondering if disk 
> > encryption and use of something like TRESOR would be useful?
> 
> The private keys for the node are sensitive, and even the
> .tor/state file for the guard nodes could be if the attacker
> does not already have that info, same for any non default
> node selection stuff in torrc. Tor presumably validates
> the disk consensus files against its static keys on startup
> so that's probably ok yet all easily under .tor anyway.

Some says that it's better to leave the disk unencrypted because in case
of seizure by the police, they can easily attest that the system was
only running Tor and nothing else.

Some disagrees and says that we should always encrypt to make tampering
and (extra-)legal backdoor installation more difficult.

I believe the best strategy has never been really determined so far.

-- 
Lunar                                             <[email protected]>

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-relays mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Reply via email to