Re: Database level encryption

From: Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com>
To: Timothy Madden <terminatorul(at)gmail(dot)com>
Cc: Joe Conway <mail(at)joeconway(dot)com>, Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, pgsql-admin(at)postgresql(dot)org
Subject: Re: Database level encryption
Date: 2010-04-07 19:21:30
Message-ID: q2odcc563d11004071221xb5a3e6d4j235a4bd7610a746f@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Tue, Apr 6, 2010 at 3:45 AM, Timothy Madden <terminatorul(at)gmail(dot)com> wrote:
> The machine is a mini-laptop running almost all day time (actually
> there are many of them) and if the machine is captured it is likely to
> be captured while running.

Wait, stop right there. So, you're a thief and you just made off with
an HP mini with an encrypted file system. You have a login prompt.
What do you do to get into it and then get to the encrypted hard
drive?

Seriously, what is your attack. Why does this machine even have
regular login enabled? It would be easy enough to program it to
unmount the encrypted drive after 3 failed login attempts.

I think you hand-waved this one into being. It's not easy to get into
a laptop that's locked / not logged in without rebooting it. And
rebooting it unmounts your secure file system.

You have a key with passphrase stored on a USB key that's used to
start the dbs, then locked physically away from the laptops.

If there's some objection to file system encryption I haven't thought
of here lemme know.

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Kiswono Prayogo 2010-04-08 01:19:09 Compile Problem for Alpha 5 in /src/backend/utils/error/elog.c
Previous Message Chris Browne 2010-04-07 18:58:35 Re: Database level encryption