Message-ID: <425F8CEB.9010806@domdv.de>
Date: Fri, 15 Apr 2005 11:44:11 +0200
From: Andreas Steinmetz <ast@domdv.de>
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050322)
MIME-Version: 1.0
To: Matt Mackall <mpm@selenic.com>
CC: Andy Isaacson <adi@hexapodia.org>, Stefan Seyfried <seife@suse.de>,
       Herbert Xu <herbert@gondor.apana.org.au>, Pavel Machek <pavel@ucw.cz>,
       linux-kernel@vger.kernel.org, "Rafael J. Wysocki" <rjw@sisk.pl>
Subject: Re: [PATCH encrypted swsusp 1/3] core functionality
References: <E1DLgWi-0003Ag-00@gondolin.me.apana.org.au> <20050414065124.GA1357@elf.ucw.cz> <20050414080837.GA1264@gondor.apana.org.au> <200504141104.40389.rjw@sisk.pl> <20050414171127.GL3174@waste.org> <425EC41A.4020307@suse.de> <20050414195352.GM3174@waste.org> <20050414221153.GE27881@hexapodia.org> <20050414224846.GQ3174@waste.org>
In-Reply-To: <20050414224846.GQ3174@waste.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 846
Lines: 18

Matt Mackall wrote:
> A much more likely vector is stealing the laptop while it's suspended.
> And the encrypted swsusp patch has -zero- security here: it writes the
> key in the header in the clear. It's rather odd that everyone's hung
> up on the "box rooted after resume" attack and completely ignoring the
> much more common "stole my laptop" attack.
> 

Thats because you have already have a solution for "stolen while
suspended" with dm-crypt and initrd/initramfs but you don't have a
solution for "rooted after resume".
-- 
Andreas Steinmetz                       SPAMmers use robotrap@domdv.de
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/