From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Fri, 18 Feb 2005 11:59:50 -0800 From: Christopher Nielsen To: David Leimbach , Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> Subject: Re: [9fans] writing code Message-ID: <20050218195950.GS77074@cassie.foobarbaz.net> References: <3e1162e60502181149dac62fe@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3e1162e60502181149dac62fe@mail.gmail.com> User-Agent: Mutt/1.5.3i Cc: Topicbox-Message-UUID: 0e857316-ead0-11e9-9d60-3106f5b1d025 On Fri, Feb 18, 2005 at 11:49:43AM -0800, David Leimbach wrote: > > To prevent this you either need to prevent someone from booting > > (ie. bios password and hope they dont go through the trouble > > of yanking the drive or resetting the bios) or you need to > > protect the disk (after all thats probably what they want to > > get at after they log in, not network access or the gui). > > Something like: > > > > http://phk.freebsd.dk/pubs/bsdcon-03.gbde.paper.pdf > > > > would address this nicely. For those who don't want to chase > > down the paper, it's an encrypted disk format used by the > > FreeBSD group. > > > > Isn't it actually a block-level encryption rather than a filesystem > implementation? yes. that's exactly what it is. how is that not useful in this case? -- Christopher Nielsen "They who can give up essential liberty for temporary safety, deserve neither liberty nor safety." --Benjamin Franklin