oh, there's lots of scenarios. :) i am definitely in the camp that says
encrypted swap is good, though. and that was a good one.
On Wed, 8 Aug 2001, Ben Ford wrote:
> Wiping swap on boot will achieve the same effect.
1. takes far longer. encrypting swap is not a substantial operation.
wiping is. you'd have to wipe all 0's, then a 1010 pattern, then all 1's
to get decent security. (encryption is spread out over time - done
incrementally. wiping must be done all at once.)
2. anyone stealing a disk to get data out of it sure as hell isn't going
to boot it up and run your init scripts.
--
"People blame me because these water mains break, but I ask you,
if the water mains didn't break, would it be my responsibility to
fix them then? WOULD IT!?!"
- M. Barry, Mayor of Washington, DC
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/