|
|
|
|
|
|
by jchw
2068 days ago
|
|
|
Nothing personal. There’s a ton of different possible ways to approach the problem. If you can’t construct reasonable approaches with amnesiac setups, you can still combine it with FDE for data storage. A lot easier to swallow a microSD card than a hard drive. Tails supports this mode of operation built-in. A persistent OS that is not amnesiac will leave a lot more metadata. But you can totally set up a “download encrypted blob from external data storage” script if you want. You can do a whole lot depending on what resources you have available. |
|
|
Remember where this conversation started? You said "Amnesiac is a level above FDE. You can’t be compelled to decrypt that which does not exist." Well, if the USB stick that contains the amnesiac OS also contains a script for downloading an encrypted blob from cloud storage, then obviously we are back at the "being compelled to decrypt" issue that we started from. If we're going to have an encrypted $TOP_SECRET document, we might as well encrypt the whole disk. And at this point the amnesiac property of the OS doesn't really provide a lot of benefit.