response 16 of 18:

Dec 20 04:34 UTC 2010

So then say the encryption password has to be inputted via an offsite 
email so that no record of it exists on the system.  There has to be a way 
for users to fully protect the privacy of their files even from root, if 
they are willing to accept the risk of not being able to access the data 
themselves if they lose the pw.  How else can you protect users from 
snooping roots like TS?

response 18 of 18:

Dec 20 08:24 UTC 2010

resp:16 we don't know for sure if TS was snooping. 
--
Richard/Jep, re root and privacy of data, root can read all unencrypted 
data.. this includes decrypt-keys, logins, passwords whatever.

The best solution is to let clueless users know this. Awareness.. i 
mean jeeze! if the two of you didn't know this..

ONLY files encrypted on my home-box and copied to Grex will be 
unreadable by Grex-root so long as I don't ever store/transmit the 
decrypt key on/through Grex. Essentially, you'd be using Grex to store 
encrypted data without processing that data.

resp:13 sure he can and I suggest you use a password for Grex that is 
not used anywhere else (yahoo, bank etc). Storing hashes of passwords 
makes it difficult for a person who hacks into the box from instantly 
grabbing all user passwords. But once the hacker has got root, he could 
load a kernel driver to read passwords from memory as users login via a 
tty. Same thing with encrypted blahblah.. moment you type in a plain 
text decrypt key, root can help himself to that.