Safe decryption with GnuPG?

Alan Olsen aolsen at standard.com
Thu Feb 14 19:07:05 CET 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512




>From: Krzysztof Zelechowski
>Dnia 12-02-2008, Wt o godzinie 11:59 +0100, Anders Breindahl pisze:
>> Hello,
>> 
>> On 200802010958, Krzysztof Żelechowski wrote:
>> > 1. The decrypted information must not make it to any persistent 
>> > medium
>> 
>> Use full-disk encryption, as has been stated before. That way, you can 
>> be confident that nothing leaks into unencrypted places, since such do 
>> not exist in the running system.
>
>Full disk encryption makes the system unnecessarily slow, 
>especially if applied to swap space.  
>I am seeking an intermediate solution for desktop computers where the amount of confidential data is small.  
>The system as a whole should not be affected 
>(unless, of course, it is a dedicated device, 
>but that is another story).

I am using full disk encryption on Fedora 9 alpha and it has not caused much slowdown at all.  Since it encrypted the entire logical volume swap is included.

If hitting swap is an issue, you have other problems.  (You need to buy more RAM.)  It speed is really an issue here, then you need to look at a hardware upgrade.

Of course, this depends on what operating system you are using.  If you are using Windows, then I cannot help you.  (Except maybe in getting off that insecure monstrocity.)

-----BEGIN PGP SIGNATURE-----
Version: 9.5.3 (Build 5003)

wsBVAwUBR7SDSWqdmbpu7ejzAQp6pQgAvGW3It94LMUp9j2bIlP4QcdDbjCewo/N
onxKwR06YKuCT+Vwme4ny0fONXDjk6KHtAsHSVYXS8JKU6b8fYbgeb1b/SvdzvjL
1mrALWJ6EKcVhmf2XjyEIT05FfMVefNCWz9XU6ZU3DgCp3hvdFJjiJq4UZu2lOGS
qx31iO9vDSyYxwQECSIyCcI9HCpvRuQyBQbSOeMMGe2HqHiYoISVeFU/HYdXF3Dn
7LuWxhOZZkEG3x8esVLM85qIq5MY8oNoLJDbMxXvhxqFZAvrnlS74tGMfZ6iHKYU
I15NIdmuyomd35+q4mdwFz5C6DnDHyNgHrAXfOcm3UUZO7RObnVRJQ==
=UnvY
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list