2.6.3-mm1 'dm-crypt vs. cryptoloop' discussion was some time ago, it is
time to bring this up again:
http://kerneltrap.org/node/2433
I'm no cryptanalyst, but googling a bit shows a bunch of problems with
it (also see above thread), there is no maintainer and most importantly
there is a replacement for it that has active maintainers. Redundant
security solutions is a risky thing to me.
===== Documentation/feature-removal-schedule.txt 1.4 vs edited =====
--- 1.4/Documentation/feature-removal-schedule.txt 2005-01-14 22:22:44 +01:00
+++ edited/Documentation/feature-removal-schedule.txt 2005-03-05 22:13:12 +01:00
@@ -15,3 +15,10 @@ Why: It has been unmaintained for a numb
against the LSB, and can be replaced by using udev.
Who: Greg Kroah-Hartman <[email protected]>
+
+What: cryptoloop
+When: July 2005
+Files: drivers/block/cryptoloop.c and parts of drivers/block/loop.c
+Why: Unmaintained, has vulnerabilities that haven't been fixed.
+ Superseded by dm-crypt that has been in mainline for a long time
+ now: http://www.saout.de/misc/dm-crypt/
On Sat, Mar 05, 2005 at 10:35:24PM +0100, Alexander Nyberg wrote:
> 2.6.3-mm1 'dm-crypt vs. cryptoloop' discussion was some time ago, it is
> time to bring this up again:
> http://kerneltrap.org/node/2433
Are you a troll?
This is not something to be quoted by anybody serious.
Andrew referred to "well-known weaknesses" in cryptoloop,
and when I inquired it turned out that what he referred to
were properties of cryptoloop and dm-crypt alike, so that
his remarks that started that discussion were misguided.
Of course people may prefer dm-crypt or cryptoloop or loop-aes,
just like people prefer ide-cd or ide-scsi.
I have not yet seen a valid reason to deprecate one of these three
very soon.
Andries
Hi!
> > 2.6.3-mm1 'dm-crypt vs. cryptoloop' discussion was some time ago, it is
> > time to bring this up again:
> > http://kerneltrap.org/node/2433
>
> Are you a troll?
>
> This is not something to be quoted by anybody serious.
>
> Andrew referred to "well-known weaknesses" in cryptoloop,
> and when I inquired it turned out that what he referred to
> were properties of cryptoloop and dm-crypt alike, so that
> his remarks that started that discussion were misguided.
>
> Of course people may prefer dm-crypt or cryptoloop or loop-aes,
> just like people prefer ide-cd or ide-scsi.
>
> I have not yet seen a valid reason to deprecate one of these three
> very soon.
I'd say that "no-maintainer" + "maintained code can do the same" is enough, but...
I thought that ide-scsi was deprecated, too?
--
64 bytes from 195.113.31.123: icmp_seq=28 ttl=51 time=448769.1 ms
On Wed, Mar 09, 2005 at 08:32:13PM +0100, Pavel Machek wrote:
> Hi!
>
> > > 2.6.3-mm1 'dm-crypt vs. cryptoloop' discussion was some time ago, it is
> > > time to bring this up again:
> > > http://kerneltrap.org/node/2433
> >
> > Are you a troll?
> >
> > This is not something to be quoted by anybody serious.
> >
> > Andrew referred to "well-known weaknesses" in cryptoloop,
> > and when I inquired it turned out that what he referred to
> > were properties of cryptoloop and dm-crypt alike, so that
> > his remarks that started that discussion were misguided.
> >
> > Of course people may prefer dm-crypt or cryptoloop or loop-aes,
> > just like people prefer ide-cd or ide-scsi.
> >
> > I have not yet seen a valid reason to deprecate one of these three
> > very soon.
>
> I'd say that "no-maintainer" + "maintained code can do the same" is enough, but...
> I thought that ide-scsi was deprecated, too?
You can attach a file to loopback and then run dm-crypt on top of
that, so I think it's completely duplicate functionality at this
point.
--
Mathematics is the supreme nostalgia of our time.