From owner-freebsd-current@freebsd.org  Fri Oct 23 20:20:28 2015
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 80684A1D2BD
 for <freebsd-current@mailman.ysv.freebsd.org>;
 Fri, 23 Oct 2015 20:20:28 +0000 (UTC)
 (envelope-from phk@phk.freebsd.dk)
Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222])
 by mx1.freebsd.org (Postfix) with ESMTP id 4991B627
 for <freebsd-current@freebsd.org>; Fri, 23 Oct 2015 20:20:28 +0000 (UTC)
 (envelope-from phk@phk.freebsd.dk)
Received: from critter.freebsd.dk (unknown [192.168.55.3])
 by phk.freebsd.dk (Postfix) with ESMTP id 455364F860;
 Fri, 23 Oct 2015 20:20:21 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
 by critter.freebsd.dk (8.15.2/8.15.2) with ESMTP id t9NKKJH9006217;
 Fri, 23 Oct 2015 20:20:20 GMT (envelope-from phk@phk.freebsd.dk)
To: Martin Cracauer <cracauer@cons.org>
cc: Yonas Yanfa <yonas@fizk.net>, freebsd-current@freebsd.org
Subject: Re: Depreciate and remove gbde
In-reply-to: <20151023192353.GA95611@cons.org>
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
References: <56237623.5010702@fizk.net> <20151019234406.GA88752@cons.org>
 <CALJrc1xg+qN54EgUYae1CRF1QY-UsK25=_61z2b-c2tMQyxeJQ@mail.gmail.com>
 <20151023192353.GA95611@cons.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <6215.1445631619.1@critter.freebsd.dk>
Date: Fri, 23 Oct 2015 20:20:19 +0000
Message-ID: <6216.1445631619@critter.freebsd.dk>
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Oct 2015 20:20:28 -0000

--------
In message <20151023192353.GA95611@cons.org>, Martin Cracauer writes:

>If you want a secure filesystem I think that at this particular time
>it would be entirely reasonable to use both gbde and geli stacked on
>top of each other[...]

Nobody is going to break through the GELI or GBDE crypto, they'll
find their way to the keys instead, or more likely, jail you until
you sing.

But neither GELI og GBDE alone or together give you a secure filesystem.

The very first requirement for a secure filesystem is that you can
trust the computer it is mounted on.

No commercially available smartphone, tablet, laptop, server or
desktop computer can be trusted by the owner at this point in time.

Want a secure filesystem ?

First step is to mount it on RaspBerry or Beaglebone without network
connectivity...

But more importantly:  There is no technical fix for lost privacy,
that is a political problem, and it must be solved by political
means.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.