Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S268157AbUI2C0n (ORCPT ); Tue, 28 Sep 2004 22:26:43 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S268159AbUI2C0m (ORCPT ); Tue, 28 Sep 2004 22:26:42 -0400 Received: from clock-tower.bc.nu ([81.2.110.250]:39561 "EHLO localhost.localdomain") by vger.kernel.org with ESMTP id S268157AbUI2C0H (ORCPT ); Tue, 28 Sep 2004 22:26:07 -0400 Subject: Re: mlock(1) From: Alan Cox To: jonathan@jonmasters.org Cc: Robert White , Andrea Arcangeli , Nigel Cunningham , Chris Wright , Jeff Garzik , Linux Kernel Mailing List , Andrew Morton In-Reply-To: <35fb2e59040928181676b15c1b@mail.gmail.com> References: <20040928221520.GF4084@dualathlon.random> <35fb2e59040928181676b15c1b@mail.gmail.com> Content-Type: text/plain Content-Transfer-Encoding: 7bit Message-Id: <1096421006.14637.4.camel@localhost.localdomain> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 (1.4.6-2) Date: Wed, 29 Sep 2004 02:23:28 +0100 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1628 Lines: 35 On Mer, 2004-09-29 at 02:16, Jon Masters wrote: > I don't see in your argument how this is meant to be cryptographically > secure. Nor do I see from any of the original mail an idea which does > anything more than offer a fake promise of security to those who are > willing to assume only dumb criminals steal their laptop. This is > worse than no security at all and renders the idea of encrypting swap > completely useless. Most criminals are dumb. That means a boot screen that says "Property of Dave Miller, if found please leave anywhere in Tahoe" "Password:" and a boot/bios password will defeat them and may get the laptop dumped back where it can be recovered. Thus don't rule out the value of the deterrent It isnt appropriate if you leave national secrets on the train like all our finest government employees keep doing obviously. > 1). I open the laptop up (I'm allowed to do that if I've already nicked it :P). > 2). I take a copy of the BIOS. > 3). I replace the BIOS with a hardware configuration (however done - > perhaps hot swapping chips, perhaps some simple logic device helps me) > in which the original BIOS is available once booting begins. > 4). That part of the security model was just destroyed. This threat level is why secure systems people use smartcards for the encryption keys and related processing. Just don't leave the smartcard on the train! - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/