I have a directory on my computer encrypted with EncFS. When I mount it, doesn't it write the unencrypted files to disk? Is it correct that even after I unmount, the unencrypted files are still somewhere on the disk and could be found with the proper tools? If so, how to fix?
lay the foundation pupper
thanks mr shark
>>58348356
thanks mr shark
>>58348356
EncFS is built into the kernel on most systems and never actually writes the unencrypted files out to disk; that would sort of defeat the whole point. It decrypts them on the fly.
>>58348774
Are you sure EncFS does that? That sounds like what eCryptfs does, which I think is different.
>>58348356
thanks mr shark
>>58348356
swim on, pupper
thanks mr shark
>>58349181
Yeah, EncFS does that, just googled and the only part I was wrong about is that it's technically using FUSE, not embedded in the kernel. However, my point still stands.
>>58348356
EncFS is junk from early 2000s you should never touch https://news.ycombinator.com/item?id=7384730
There's a replacement, gocryptfs that the EncFS maintainer (who took over after that audit discovered EncFS was trash) and CryFS and securefs.
https://nuetzlich.net/gocryptfs/security/
You should just use FDE, djb also has a bunch of entries on his old blog by shit like Ubuntu's home directory encryption isn't good enough
>>58348356
Thanks mr shark
>>58348356
thanks mr shark
thanks mr shark
>>58350386
correction you should use FDE + gocryptfs unless of course this is for some docker container or something (then use tarsnap, sync it to a directory that uses gocryptfs).
>>58348356
thanks mr shark
>>58348356
thanks mr shark
>>58350386
>>58350488
thanks mr anon
will look into it