Talk:Disk encryption

From ArchWiki
(Redirected from Talk:Disk Encryption)
Jump to: navigation, search

Unicode graphs/patterns

[Original title was Ascii graphs/patterns]

Hi, A small issue unrelated topic : how are ascii graphs/patterns made?

One method I know is:
--Indigo (talk) 20:45, 3 September 2013 (UTC)
Note that those graphs are not made with simple ASCII characters, but Unicode (I've fixed the title of the discussion).
Anyway, this is a very interesting question indeed, I too would like to know if there are any editors that can make it easy to draw such diagrams.
This would also solve Talk:Installing Arch Linux with EVMS#Image replacement contest.
Finally, an editor like that should be mentioned in Help:Style#Non-pertinent content.
-- Kynikos (talk) 05:47, 4 September 2013 (UTC)
I created these diagrams manually using Kate, which is a normal text editor (but it has an advanced feature called "Block Selection Mode" that helps a lot with this kind of stuff). I also kept a window of gucharmap open on one side of the screen, which allowed me to easily find and pick suitable Unicode characters.
--Sas (talk) 19:21, 19 November 2013 (UTC)

Move out of User page

This page is quite good IMO. So it can be moved to a normal page. It can receive updates there and other pepole can contribute. -- Fengchao (talk) 06:20, 11 June 2012 (UTC)

+1 -- Kynikos (talk) 09:18, 12 June 2012 (UTC)
No respons from author. This will block [System_Encryption_with_LUKS] restructure so I do the job to move on.-- Fengchao (talk) 02:22, 15 June 2012 (UTC)
Hi, and sorry for abandoning this article half-way through and then forgetting about it.
As for writing the general introduction/explanation text (part of which consists of merging the corresponding sections from the System_Encryption_with_LUKS article into this one), I had already started working on that locally back when I created this article, but I have that file on a different computer than I am on now. If you give me until tomorrow (Monday) evening (European time), I'll bring what I have into a readable state and upload it to this page, and then everybody can help modifying/extending it.
The reason why I created the article as a user page and didn't move it into the main namespace right away, is that I originally planned to first discuss some feature requests with the wiki maintainers which would make the page more maintainable (without sacrificing user-friendliness). Namely, support for automatically numbered footnotes, and moving the comparison table formatting into a wiki-wide "comparison-table" CSS class (or maybe, separate "comparison-table-vertical" and "comparison-table-horizontal" classes). Right now, the comparison table's wiki markup is so messy and difficult to work with that I would feel guilty asking other people to help add info to it. --Sas (talk) 17:35, 17 June 2012 (UTC)
I added the main text sections now. It would be great if a native speaker with good language skills could do some copyediting for the individual subsections to formulate them more concisely and make them nicer to read. --Sas (talk) 20:42, 18 June 2012 (UTC)
Hi Sas, thank you for getting back working on this article!!
About the numbered footnotes, that would require the installation of an extension (involving web developers) and if we can keep it simpler instead it'd be better, since this would be the only article using that feature.
About the comparison-table class, can you report an existing example (in another wiki I guess) of what you mean exactly?
-- Kynikos (talk) 20:57, 19 June 2012 (UTC)

Proposed renaming of this article to "System Encryption" or "Encryption"

This was proposed by Kynikos in the form of a template added to this article, and also discussed here.

I disagree with the proposal, and still believe that "Disk Encryption" is the right name for this article. Let me try to explain why.

"Encryption" is a huge topic, encompassing a much bigger scope than this article could sensibly cover in the level of detail set out by the content I already added here, and the content that is to be merged here from System_Encryption_with_LUKS. There is (among others)...

  • manual encryption of pieces of data (no matter where it comes from / is stored / is going to)
    • GnuPG, ...
  • cryptographically protecting a communication channel
    • HTTPS, SSH, ...
  • cryptographically protecting a logical part of a storage disk (real or virtual)
    • Loop-AES, dm-crypt+LUKS, Truecrypt, eCryptfs, EncFs, ...

I believe that the article should exclusively deal with the latter topic. Trust me, there's enough valuable information on this to fill a whole article (just look at how big the comparison table alone grew already). It would only add confusion and result in TL;DR to mix other encryption-related topics into the same article.

I.e., the article should exclusively be about techniques which will cause all data written to a logical part of a disk to be automatically encrypted, and data read from it to be automatically decrypted.

All of the following are examples of logical parts of (real or virtual) storage disks:

  • a whole disk
  • a partition (or anything else represented as a block device)
  • a folder

So I don't see how the term "Disk Encryption" should be inclusive of block device encryption, but not of filesystem-level encryption, as Kynikos suggested in the renaming-proposal. The level at which the protected logical part of the disc is defined, is an just implementation detail - I don't see a conceptual difference there.

So that's why I believe "Disk Encryption" is a more sensible title than "Encryption".

Regarding "System Encryption", I believe that would actually not be inclusive enough of everything encompassed by the encryption methods described here.

In my mind, system encryption is a potential application of disk encryption - it's about securing the "system" itself (as in, an Arch Linux installation) from unauthorized access to its system and user data while the system is not running.

But disk encryption can also be used for simple data encryption, e.g. protecting a partition or folder in which confidential data files are to be stored, and letting the user unlock/lock the encrypted data container on demand or on login/logout. This has nothing to do with the "system" and whether it is running. (This is especially the case for the filesystem-based disk encryption methods.)

And of course there are many possible combinations and shades of grey in between.

"Disk encryption", to my ears at least, captures all of that quite nicely.

--Sas (talk) 18:37, 17 June 2012 (UTC)

Wow, you provided such an exhaustive argumentation in support of the current title that I don't think anyone will try to reply (including me) :) Let's stick with Disk Encryption then! It's worth to be noted that Wikipedia itself is a bit ambiguous in finding a consistent naming for this topic, see for example the intro of wikipedia:Filesystem-level encryption ("Filesystem-level encryption, often called file or folder encryption, is a form of disk encryption [...]") versus wikipedia:Disk encryption#Disk encryption vs. filesystem-level encryption. -- Kynikos (talk) 21:10, 19 June 2012 (UTC)