Quote:
Originally Posted by DJRepresent Hi,
How secure are my files in Linux? If lets say I want to keep certain documents hidden from others, is there a way to protect them better than what NTFS currently offers? |
The linux filesystems are more secure in the sense that they provide a proper file permissions system, unlike FAT. NTFS has some permissions scheme, and can use access control lists, but, sincerely, I never bothered with that, so I can't answer your question.
Quote:
|
By saying NTFS I mean that in a Windows based machine, one could always unscrew the hard drive and load it onto another computer as a slave or via USB, take ownership, and download the files.
|
There's no need to waste that much effort. Just put a linux livecd on your drive. Since you will be logged a root, you can mount any drive and do whatever you want with it, as long as you have the needed driver to access the filesystem. In this regard, all the OSes are equally vulnerable. That is, unless the contents of the drive is encrypted.
If the volume is encrypted then you need the password to decrypt it. That, or to have the matrix on your side to crack it :P
If booting from cd is disabled, reset the BIOS by ripping out the battery and configure it to boot from CD. If there's no cd, then usb. If not, rip out the drive and use it in another box.
What I want to imply here is that, if there's physical access, and you are not limited by time constrains, you can do whatever you want. It doesn't matter how secure the OS is.
Quote:
|
I heard that on Linux you can password protect certain files / directories and if you forget your password, you've lost your data for good.
|
Neither of these affirmations is true *by definition*. Though there are some things to speak about here.
First, you can't protect a folder directly, nor a file. But you can use encryption to encrypt anything. You can do so on files with windows so. You just need to use the correct software.
However, the advantage in linux is that you can encrypt a filesystem. So, if you want to secure your home directory, you can just mount it into another partition or disk and encrypt that disk as a whole, making it transparent, so you don't have to use programs to pack/unpack, encrypt/decrypt stuff.
Second, if you value your info, you don't lose your password. Technically, you can crack almost anything if you have infinite machine power and infinite time. But we can assume than a strong encryption algorithm will mean lost data if you lose the password. Yes.
You should read on filesystem encryption.
A random google result related to ubuntu:
Filesystem Encryption [Archive] - Ubuntu Forums
Note, however, that this is all at cost of some performance penalty, since anything being read or written will need to be encrypted/decrypted, and that takes some cpu cycles and ram.