On 14 November 2012 09:51, Benjie Gillam <ben...@jemjie.com> wrote: > > I agree with encryption being a better option, but the risk is if you don't > shut down then your encryption key is still stored in RAM (most cold boot > RAM extraction issues have been solved by shutdown scripts in the last few > years, I think?) and if there's a bug in your screensaver (or whatever locks > people out when you resume from standby) then they can bypass it and get > full access to all your data. (E.g. Google for gnome-screensaver bypass > vulnerability or, even more worryingly, Xorg screen lockers bypass > vulnerability [1].) >
Yes, encryption makes remote wipe unnecessary. If the remote person does not know your password, the information stored on the laptop is a random pile of mess. I think it would be nice to see a feature in Linux whereby the suspend to RAM erases the disk password held in RAM, and prompts the users for it on resume. That would help make a bit more of the data protected while in standby. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --------------------------------------------------------------
