Safe decryption with GnuPG?

Robert J. Hansen rjh at
Thu Feb 14 15:44:32 CET 2008

> Full disk encryption makes the system unnecessarily slow,
> especially if applied to swap space.

Not necessarily so.  A lot of people make a big deal out of a couple  
of papers published on how much whole-disk encryption slows down  
OpenBSD, but the flip side to that is the file and network systems of  
OpenBSD are not as efficient as those of many other OSes.  If you've  
done your own empirical tests with your own OS and discovered it's too  
slow, then by all means, it's too slow.  Otherwise, you may wish to do  
some empirical tests.

> Certainly.
> But unless the intruder is a root-kit,

If the attacker has access to your hardware, then you're out of luck,  
the game is over.  The only systems I can think of which may (may!) be  
exceptions to this are certain esoteric systems designed to reach the  
highest levels of Common Criteria evaluation, where classified and non- 
classified data operate on entirely different CPUs, entirely different  
RAM, etc., etc., with an information diode to control how information  
flows between them.

More information about the Gnupg-users mailing list