[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AW: AW: Hello and DVD-ROM encryption
Info wrote:
> I mount it to a loop device
> #losetup -e AES128 -C 100 -S arandomlygeneratedseed -T \
> /dev/loop3 /image/file
Above type setup is vulnerable to watermark attacks. Just FYI.
> > I don´t want the key to be stored with the data on DVD.
> I don't use the multikey mode because I don't have, and don't want,
> encrypted swap, and it is my understanding that gpg can leak the content
> of what it encrypts to swap.
Take a look what kind of information gets written to swap: ssh sessions,
passwords, credit card numbers, emails to your mistress, etc. You really
don't want that kind of info recorded in non-volatile storage on disk.
Swap is one of the worst anti-security features ever conceived. Encrypted
swap solves that problem nicely.
--
Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/