[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: encrypting swap

To: kernel-audit@nl.linux.org
Subject: Re: encrypting swap
From: Tom Vogt <tom@lemuria.org>
Date: Thu, 17 Aug 2000 16:44:01 +0200
In-Reply-To: <4BA83203985FD411A34A00508B69D83107F0EE@frmail3.fr.bosch.de>
References: <4BA83203985FD411A34A00508B69D83107F0EE@frmail3.fr.bosch.de>
Sender: owner-kernel-audit@nl.linux.org

"Strohm Thomas (FV/SLD) *" <Thomas.Strohm@de.bosch.com> wrote:
> I don't like very much the idea of an encrypted swap because of the large 
> performance penalty you're going to suffer.

unfortunately, there are many scenarios where "let's wipe the swap" doesn't
cut it. example: the evil guys storm your house and take the machine. the
power is gone, but it's not been through a shutdown procedure and you had
no chance to wipe anything.

*if* you are paranoid enough to be afraid of your own swap, you've got to
think about the worst-case scenarios. the example above and the residual
magnetism problem make anything but encryption not-good-enough.

-- 
"The net treats censorship as a malfunction and re-routes around it."
(John Gilmore)

Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/

Follow-Ups:
- Re: encrypting swap
  - From: Tim Robbins <fyre@box3n.gumbynet.org>

References:
- RE: encrypting swap
  - From: "Strohm Thomas (FV/SLD) *" <Thomas.Strohm@de.bosch.com>
- RE: encrypting swap
  - From: "Strohm Thomas (FV/SLD) *" <Thomas.Strohm@de.bosch.com>

Prev by Date: encrypting swap
Next by Date: RE: encrypting swap
Prev by thread: RE: encrypting swap
Next by thread: Re: encrypting swap
Index(es):
- Date
- Thread