Message-ID: <417D38F7.1040204@grupopie.com>
Date: Mon, 25 Oct 2004 18:33:43 +0100
From: Paulo Marques <pmarques@grupopie.com>
Organization: Grupo PIE
User-Agent: Mozilla Thunderbird 0.7.1 (X11/20040626)
MIME-Version: 1.0
To: Valdis.Kletnieks@vt.edu
Cc: "Nico Augustijn." <kernel@janestarz.com>, hvr@gnu.org,
       clemens@endorphin.org, linux-kernel@vger.kernel.org
Subject: Re: Cryptoloop patch for builtin default passphrase
References: <200410251354.31226.kernel@janestarz.com> <200410251719.i9PHJmOi009687@turing-police.cc.vt.edu>
In-Reply-To: <200410251719.i9PHJmOi009687@turing-police.cc.vt.edu>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1043
Lines: 30

Valdis.Kletnieks@vt.edu wrote:
> On Mon, 25 Oct 2004 13:54:31 +0200, "Nico Augustijn." said:
> 
> 
>>But all that takes some searching. And the passphrase is also XOR-ed with the
>>first 32 bytes of /dev/nvram.
> 
> 
> So if something touches the first 32 bytes of NVRAM, your data evaporates?
> 
> Is this considered a desirable result?

I don't have any feelings about this patch, but it seems to me that you 
could always store the contents of the nvram somewhere "safe" (you could 
even write them down and take it to a safe deposit box in a bank :) ), 
and, if those contents happen to change, you could always write them 
again...

Just my 0.02 euros,

-- 
Paulo Marques - www.grupopie.com

All that is necessary for the triumph of evil is that good men do nothing.
Edmund Burke (1729 - 1797)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/