On Thu, 3 Jun 1993, Eric Hughes wrote:
A related topic to encrypted disk drives. Anybody who has a desire to see their data around long term makes backups of their drives. At least one of these backups is usually physically near the drive in question.
What good it is to have an encrypted disk if the backups are not also encrypted?
Backups occur at the file system level, where an encrypted file system does not appear encrypted, so that work here does not directly leverage to encrypted backups.
This is a good point. The only thing that I can think of in response is that there is now a need for a cryptobackup system. I can easily see how this could be accomplished with disk spanning, but I'm not sure that we could create something to work with all of the different tape drive standards. Perhaps just write a freeware system that could handle disk spanning and a few major, common tape systems (Colorado, etc...) I have to admit, that does present a minor problem. There is, of course, another way to do it which would speed things up by not having the date come from the disk, get decrypted by my driver and then get immediately encrypted agian before they get to the backup, and that is to simply operate the backup system as normally from the 'fast' partition with the encryption driver turned OFF. You back up the secure partition that way, and then whatever goes to the tape is pure garbage, and then you just turn the driver back on by rebooting. When you want to restore you simply turn the driver off, restore to the secure partition, and reboot to get your data again. No matter what kind of a system you are using, you are still going to need some unencrypted disk space to boot from, so that is where you stick your backup programs. Hell, the more I think about it, it won't be any problem at all...
Eric
-Ryan the Bit Wallah