Pavel Machek wrote:
> Hi!
>
>
2) An attacker breaks into your machine remotely while you're using
it. He has access to all your RAM, which if you're actually using it,
very likely including the same IPSEC, dm_crypt, and ssh-agent keys as
are saved on suspend. Further, he can trivi
Hi!
> > > 2) An attacker breaks into your machine remotely while you're using
> > > it. He has access to all your RAM, which if you're actually using it,
> > > very likely including the same IPSEC, dm_crypt, and ssh-agent keys as
> > > are saved on suspend. Further, he can trivially capture your
>
On Wed, Jul 27, 2005 at 01:12:49AM +0200, Pavel Machek wrote:
> Hi!
>
> > > Well, "how long are my keys going to stay in swap after
> > > swsusp"... that's pretty scary.
> >
> > Either they're likely in RAM _anyway_ and are thus already trivially
> > accessible to the attacker (for things like dm
Hi!
> > Well, "how long are my keys going to stay in swap after
> > swsusp"... that's pretty scary.
>
> Either they're likely in RAM _anyway_ and are thus already trivially
> accessible to the attacker (for things like dm_crypt or IPSEC or
> ssh-agent), or the application took care to zero them o
On Wed, Jul 27, 2005 at 12:14:46AM +0200, Pavel Machek wrote:
> Hi!
>
> > > > the attached patches are acked by Pavel and signed off by me
> > >
> > > OK, well I queued this up, without a changelog. Because you didn't send
> > > one. Please do so. As it adds a new feature, quite a bit of info
Hi!
> > > the attached patches are acked by Pavel and signed off by me
> >
> > OK, well I queued this up, without a changelog. Because you didn't send
> > one. Please do so. As it adds a new feature, quite a bit of info is
> > relevant.
>
> I don't like this patch. It reinvents a fair amount
Hi!
> > > the attached patches are acked by Pavel and signed off by me
> >
> > OK, well I queued this up, without a changelog. Because you didn't send
> > one. Please do so. As it adds a new feature, quite a bit of info is
> > relevant.
>
> I don't like this patch. It reinvents a fair amount
On Mon, Jul 25, 2005 at 08:10:36PM -0700, Andrew Morton wrote:
> Andreas Steinmetz <[EMAIL PROTECTED]> wrote:
> >
> > the attached patches are acked by Pavel and signed off by me
>
> OK, well I queued this up, without a changelog. Because you didn't send
> one. Please do so. As it adds a new fe
Andreas Steinmetz <[EMAIL PROTECTED]> wrote:
>
> the attached patches are acked by Pavel and signed off by me
OK, well I queued this up, without a changelog. Because you didn't send
one. Please do so. As it adds a new feature, quite a bit of info is
relevant.
It should include a description of
Andrew Morton wrote:
> Pavel Machek <[EMAIL PROTECTED]> wrote:
>
>>To prevent data gathering from swap after resume you can encrypt the
>>suspend image with a temporary key that is deleted on resume. Note
>>that the temporary key is stored unencrypted on disk while the system
>>is suspended... sti
On Thu, 7 Jul 2005, Pavel Machek wrote:
Hi!
Hi!
To prevent data gathering from swap after resume you can encrypt the
suspend image with a temporary key that is deleted on resume. Note
that the temporary key is stored unencrypted on disk while the system
is suspended... still it means that sa
Hi!
> >>>To prevent data gathering from swap after resume you can encrypt the
> >>>suspend image with a temporary key that is deleted on resume. Note
> >>>that the temporary key is stored unencrypted on disk while the system
> >>>is suspended... still it means that saved data are wiped from disk
>
On Wed, 6 Jul 2005, Pavel Machek wrote:
Hi!
To prevent data gathering from swap after resume you can encrypt the
suspend image with a temporary key that is deleted on resume. Note
that the temporary key is stored unencrypted on disk while the system
is suspended... still it means that saved da
Hi!
> > To prevent data gathering from swap after resume you can encrypt the
> > suspend image with a temporary key that is deleted on resume. Note
> > that the temporary key is stored unencrypted on disk while the system
> > is suspended... still it means that saved data are wiped from disk
> > d
Pavel Machek <[EMAIL PROTECTED]> wrote:
>
> To prevent data gathering from swap after resume you can encrypt the
> suspend image with a temporary key that is deleted on resume. Note
> that the temporary key is stored unencrypted on disk while the system
> is suspended... still it means that saved d
15 matches
Mail list logo
