[Freedombox-discuss] Minimal spec for NAS?
drwho at virtadpt.net
Thu Jun 2 15:55:19 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
On 06/01/2011 06:02 PM, Jonas Smedegaard wrote:
>> But does this fit with the basic principle of being secure and
>> encrypted by default?
> No, but (more likely) fits the even more basic principle of being real.
Why not make it an option when setting everything up?
Taking the example given of booting a Freedombox USB key off of a
laptop, the user would be using a configuration app of some kind to
carry out the example process (format the hard drive and turn it into a
file server). Why not give the user an option to encrypt the drive:
"Would you like to encrypt the hard drive of your file server for extra
security? This means that you'll have to enter a passphrase every time
you reboot the machine, but on the other hand if someone steals your
file server your data will be safe."
It would then be a good idea to make it possible for the user of the box
to remotely access the running instance and unlock the encrypted drive
(SSH, web app accessible over HTTPS).
The Doctor [412/724/301/703]
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
Meeble! Meeble meeble meeble!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Freedombox-discuss