CoderOnline

Backups: An introduction

Mon, 22 Sep 2014 03:17:12 +0200

online data redundancy #

Drives fail more often, than one would expect. Google has done a representative statistic concerning normal hard disk drives. In the FAQ of LUKS I learned, that even SSD's ain't guaranteed to last much longer. Therefore it seems wise to have the data saved twice or more in a production environment, where three drives seem to be the sweet spot in this manner. Even then your data is not safe! The next thunderstorm will come and terrible things are likely to happen if a lightning directly hits a power cable in your street. Lightning safe plugbars or uninterrupted power supply devices cannot avoid damage in all cases and professional grade over voltage protection must also include the whole building gets really expensive. It is very likely to be more economical to turn your devices off and pause your work while being close to the thunderstorm. But there is more: Even a storm on the sun can flip some bits on your hard disk or in your random access memory.

know your caches

Wed, 10 Sep 2014 11:24:17 +0200

It is somehow alerting how much information can be found in a cache folder. I will try to create a list of all caches I could find. This document stays work in progress, of cause.

But consider how important this is. The caches may contain personal data, such as:

email addresses from your mail program
telephone numbers if you synchronize contacts with your mobile phone
photos either from your phone, skype, facebook and where ever they were shown
which music you have on your computer, because media players automatically download cover arts and store them on your disk (also the download could be tracked, of cause)
passwords, because some applications even cache passwords :/
all your personal photos and every movie you have got on your disk, because many image viewers and filemanagers will create thumbnails for them.
visited websites can be found in your browser caches.

Browser Caches #

$HOME/.cache/chromium/
$HOME/.cache/mozilla/
$HOME/.cache/midori/

disk encryption

Fri, 29 Aug 2014 05:57:45 +0200

Ratio: Why? #

Encryption comes at a price: You will have to spend time on it, because you have to decide how to do it and you will permanently use computing resources when using it. But what seems to be unattractive can pay out in situations, when your drive can be accessed by any foreigners, which might include:

a person who has stolen it from you
if your drive has failed and you returned it for guarantee the manufacturer will not repair exactly your drive, but will in most cases collect them and send you an already repaired drive back, which someone else had sent in before

Choosing an encryption algorithm #

This really is a problem, because you never know which algorithm will be proven to be insecure tomorrow. Sadly the cryptsetup command expects a not well documented format for its --cipher parameter. The man page just says that it defaults to aes-xts-plain64 when using LUKS. I found two methods to find out which encryptions are supported by your kernel. First and recommend is the usage of

Mon, 01 Jan 0001 00:00:00 +0000

Veracrypt is currently the only encryption software I am aware of, which runs under Windows, Linux and BSD. That makes it a good choice for external storage devices. Web: veracrypt

A really cool feature veracrypt offers is nested encryption.

First steps #

Veracrypt comes with a GUI interface, which is not beginner friendly, but does its job. I will however concentrate on the command line interface, which is better called with -t as first parameter, because even veracrypt -t --help would otherwise show its help in a window.