Re: summary Re: encrypted swap

From: David Spreen (david@spreen.de)
Date: Tue Aug 07 2001 - 16:39:21 EST

Next message: Christian Robottom Reis: "Re: [eepro100] Problem with Linux 2.4.7 and builtin eepro on Intel'sEEA2 motherboard."
Previous message: David Spreen: "Re: encrypted swap"
In reply to: Ted Unangst: "summary Re: encrypted swap"
Next in thread: David Wagner: "Re: summary Re: encrypted swap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Aug 07, 2001 at 02:34:48PM -0700, Ted Unangst wrote:
> conclusion: if your data is that valuable, you will need a small army to
> protect it. don't bother encrypting swap, because guns are a better means
> of protection.

NAK. Of course I have the united states army in front of my notebook
to protect my pronsite passwds. But see, the army makes my notebook
an interesting target for data-thiefs, right? So I want encrypted swap
as an additional feature.
Okay stop kidding, of course crypted swap is no allround solution, but
a step to harden your security issues. I don't want to make you using
it, but I can think of people who would want to including myself.

> if your data is only semi-valuable, or private that you
> wouldn't want random others to read it, then swap encryption is good.
> it's a nice feature that some people might like to have. does it solve
> every problem? no. but the people in the edge cases are most likely very
> aware of the possibilities.

ACK.

> implementation paper:
> http://www.openbsd.org/papers/swapencrypt.ps

Thank you, this was what I meant when I wrote of some BSD :).

Okay, so I got some ideas how to implement, the kernel-related
thing with an automatic generated key and the kerneli-issue.

I tried to get kerneli working with swap some time ago and it didn't work.
Has the behavour changed? In the crypto HOWTO linked on kerneli.org is
still said that swap encryption doesn't work (but I don't know when the
last release was written).

so long & thanks for your suggestions...

David

-- 
  __          _              | David "netzwurm" Spreen      Kiel, Germany
 / _|___  ___| |__  __ _ _ _ | http://www.netzwurm.cc/      david@spreen.de
|  _/ _ \/ _ \ '_ \/ _` | '_|| gnupg key (on keyservers):   C8B6823A
|_| \___/\___/_.__/\__,_|_|  | CellPhone:                   +49 173 3874061
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Christian Robottom Reis: "Re: [eepro100] Problem with Linux 2.4.7 and builtin eepro on Intel'sEEA2 motherboard."
Previous message: David Spreen: "Re: encrypted swap"
In reply to: Ted Unangst: "summary Re: encrypted swap"
Next in thread: David Wagner: "Re: summary Re: encrypted swap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Aug 07 2001 - 21:00:48 EST