Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've used Spideroak for a year or so, and believe for a single device its quite secure. But there is a gap that I haven't figured out a work-around yet.
Let's say you have 2 devices to backup, a laptop that doesn't contain too much secret info, and a home desktop that contains much more secret info. If both devices are on the same account, theft/loss of your laptop could very easily mean the compromise of your secret data from desktop as well, because both devices can access all files.
The web site has a FAQ to suggest to de-register the lost device and change password. But there is a natural time gap before you can accomplish this. A gap that could result in data compromise.
Double encryption of the secret data is an option, probably the best, but you'll need to work up some scripts to accomplish.
Just be nice if there was a way to isolate devices, with perhaps a master key access.
I've used Spideroak for a year or so, and believe for a single device its quite secure. But there is a gap that I haven't figured out a work-around yet.
Let's say you have 2 devices to backup, a laptop that doesn't contain too much secret info, and a home desktop that contains much more secret info. If both devices are on the same account, theft/loss of your laptop could very easily mean the compromise of your secret data from desktop as well, because both devices can access all files.
The web site has a FAQ to suggest to de-register the lost device and change password. But there is a natural time gap before you can accomplish this. A gap that could result in data compromise.
Double encryption of the secret data is an option, probably the best, but you'll need to work up some scripts to accomplish.
Just be nice if there was a way to isolate devices, with perhaps a master key access.
Or two accounts.
I find it very very weird if they want you to use the same private key on both computers, thats just bad design in my opinion, but the password for the private key should expire after a period of time i would believe and if not that too is really poor design, you should have to re-type the password for the private key after some period of time has passed...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.