Securing Data
Max Hyre
max at hyre.net
Mon Dec 3 11:19:57 EST 2007
(Sorry about mixups in sequencing or writer ID---I'd deleted
some of the earlier posts.)
JUNIPER said, about 12/02/2007 04:02 PM:
> A very secure way would be to simply save data only to a removable disk
> and backup and remove them when not in use (safe deposit box? - Oops -
> my wife has a key!).
> Steve J
Encrypt that removable disk, and you needn't worry about
your wife's key. However, the worry seems to be about
security while actually running Gnucash, which is another
matter.
On Nov 25, 2007 2:40 PM, Robert Heller <heller at deepsoft.com> wrote:
> I'll start by using TrueCrypt to create a secure partition, since I am
> already familiar with it, but I can't say that this method really
> satisfies. Once mounted, the financial data becomes cleartext to any
> program (e.g. viruses). Is there a solution that makes the unencrypted
> data only available to gnucash?
No. The data in memory (RAM) is always in the clear.
Worse, the system can run out of room in RAM and write it to
the ``swap partition''. After running the program you must
securely erase the swap partition, too. (Secure erasure
takes much more effort than just deleting the file.)
> Yes, but you really are not going to like it: Linux, using either proper
> UNIX User/Group file protection OR (even more secure) using SELinux and
> ACLs (this probably only really makes sense if you are the accountant
> for a spy agency or something and need to keep the accounting for 'black
> ops' secure :-)).
SELinux is an excellent move, but there be dragons on
the Internet. (Note that even GNU/Linux has its viruses,
just not very many, yet.) And there _are_ security flaws in
the programs, even without a virus.
JUNIPER wrote:
> The only other solution would be to use a dedicated machine (which does
> nothing but run gnucash) behind a very secure firewall and being totally
> anal about virus scanning.
I believe this is the one real solution against those
without physical access to the machine, but only if you have
_no_ network connections (the so-called ``air gap''). Virus
scanning, anal or not, will always leave vulnerabilities, if
only because there's a delay between a virus's rollout and
the scanner's update. At the price of systems today, buying
another one is trivial.
The answer to your question really depends on whom/what
you want to keep the info private from, as Robert Heller
alluded to. Examples include:
Random, non-malignant, people you let log in
Family members
Family members with real computer expertise
Business partners
Random virus writers
Professional data thieves
The IRS
Foreign governments
The NSA (or non-U.S. equivalent)
Don't laugh at this list. None of these entities have
any business looking at your data unless you want them to.
You need to protect against the most capable one you worry
about. To give you something resembling a correct answer,
we need to know fairly accurately the ability of the intruder.
As presented (worrying about viruses), disconnect from
the Internet, and forget about it. Use another system for
surfing, and be _very_ careful about what you transfer from
that system to the Gnucash one.
More information about the gnucash-user mailing list