On Fri, Feb 18, 2011 at 04:54:57PM -0500, Ted Unangst wrote:
> On Fri, Feb 18, 2011 at 3:35 PM, Joachim Schipper
> <joac...@joachimschipper.nl> wrote:
> > Actually, if one could specify an encryption password for the memory
> > written to disk, a stolen hibernating system would be less dangerous
> > than a running/ACPI-sleeping system because it's suddenly impossible to
> > get interesting data from the system memory. Interesting data like the
> > keys in ssh-agent or a softraid decryption key.
>
> Not really much difference between encrypting memory that's written to
> disk and memory that's just left in memory.
Yes, but when hibernating you can be pretty sure that e.g. disk cache
and video memory are actually empty. You do have a good point, but there
are just more potential problems with ACPI sleep.
Or am I babbling nonsense? I'll admit to not knowing much about ACPI...
Joachim
--
TFMotD: ec (4) - 3Com EtherLink II (3c503) Ethernet device
http://www.joachimschipper.nl/
