RE: encrypted swap

Torrey Hoffman (torrey.hoffman@myrio.com)
Tue, 7 Aug 2001 11:53:50 -0700


David Maynor wrote:

[...]
> I am saying if you are worried about such things,
> then start with projects that would not require a
> hardware crypto card to make it useable.

And earlier wrote:

[...]
> I can't really see the advantage of encrypted swap.
> At the point it would become effective, the attacker
> is already on the machine (from remote access or they
> have physical access) and then it's not if you can keep
> them from getting the info, it's only a matter of when.

Wait a second. Encrypted swap is useful and effective in
some situations that do not require a hardware crypto card.

Imagine you have:
- a Linux laptop with a small amount of RAM
- Email and important documents encrypted on disk, either
with GPG / PGP or with an encrypted /home partition.
- Documents and email are decrypted, viewed, and edited by
applications, not all of which are SUID root, so
unencrypted data might be swapped out.

This is hardly a far-fetched example.

Now that laptop is stolen at an airport. The thief decides
to try to improve his take by grabbing useful information
from documents. The encrypted documents are untouchable,
of course. It _doesn't matter_ that the thief has the
hardware, the decryption key is protected by a passphrase
which is _nowhere_ on the hard drive.

The only place that sensitive, unencrypted data could be
on such a machine is in swap. In fact, it is _likely_ to
be in swap.

Encrypted swap solves this _particular_ problem nicely,
does it not?

Torrey
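
An added example, not part of the original message: one way to audit whether active swap areas would expose plaintext pages on a stolen disk. It assumes a current Linux system with /proc/swaps and swap encryption set up through dm-crypt/cryptsetup; the sample table and the function names are constructed for illustration.

```python
import os

# Constructed sample of /proc/swaps contents (not from the original post).
SAMPLE_PROC_SWAPS = """\
Filename                                Type            Size            Used            Priority
/dev/dm-1                               partition       8388604         20480           -2
/dev/sda3                               partition       2097148         51200           -3
/swapfile                               file            1048572         0               -4
/dev/zram0                              partition       524284          0               100
"""

def parse_proc_swaps(text):
    """Return (path, type) for every active swap area listed in /proc/swaps."""
    areas = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) >= 5:
            areas.append((fields[0], fields[1]))
    return areas

def sysfs_dm_uuid(path):
    """Read the device-mapper UUID of a block device, or None if it has none."""
    name = os.path.basename(os.path.realpath(path))
    try:
        with open(f"/sys/class/block/{name}/dm/uuid") as f:
            return f.read().strip()
    except OSError:
        return None

def classify(path, kind, dm_uuid=sysfs_dm_uuid):
    """Label one swap area by whether swapped pages reach disk in plaintext."""
    if kind == "file":
        return "check-filesystem"    # depends on the filesystem holding the file
    if os.path.basename(path).startswith("zram"):
        return "ram-only"            # compressed RAM, never written to disk
    uuid = dm_uuid(path) or ""
    # Assumption: mappings created by cryptsetup carry a UUID starting "CRYPT-".
    return "encrypted" if uuid.startswith("CRYPT-") else "plaintext"

def audit(text, dm_uuid=sysfs_dm_uuid):
    """Map each active swap area to its verdict."""
    return {p: classify(p, k, dm_uuid) for p, k in parse_proc_swaps(text)}

if __name__ == "__main__":
    with open("/proc/swaps") as f:
        for path, verdict in audit(f.read()).items():
            print(f"{verdict:17} {path}")
```

Swap on an LVM volume stacked over an encrypted device reports an "LVM-" UUID and is labelled plaintext by this check, so such layouts need the underlying device inspected as well.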