On 2011-02-18 18.17, Kevin Chadwick wrote:
> On Fri, 18 Feb 2011 16:17:25 +0100
> Joachim Schipper wrote:
>> On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote:
>>> Does it exist?
>> Not yet.

> Hibernate offers more integrity of user data but it's a lot less
> secure, discounting the boot viruses like the one mentioned on P.
> Hansteen's site that may? be hindered by power removal. (Anyone heard
> more about those or how that one worked?)
> "http://bsdly.blogspot.com/2010/10/if-it-runs-openbsd-it-has-to-be.html"
> I don't really see how hibernate could be done safely without all
> systems having a TPM. Maybe a storage file in /var that only root can
> access, but that's still a compromise.

I'm sure it's just my too-narrow mind, but I fail to see any particular
security implications that are not also implied by having actual
physical access to the machine. Could you elaborate?

The one problem I see is the risk of being able to read system memory
from the hibernation storage if someone unauthorized gains access to the
system and boots it into single-user mode or removes the disk and reads
it in another computer.

But the way I imagine hibernation to be implemented would be to simply
swap out all memory to the (by default) encrypted swap space, and then
somehow flag the upcoming next boot that the swap contains live
hibernation data, and provide the encryption key (which of course
becomes the weak point).

Then for the really paranoid, the location of that flag and key could
perhaps be configurable, and be set to a USB stick or memory card that
can be removed and for example travel separately from the laptop itself.
Not perfect of course, but then again, if access to the physical
hardware is gained all bets are more or less off anyway.



internetlabbet.se     / work:   +46 8 551 124 80      / "Words must
Benny Löfgren        /  mobile: +46 70 718 11 90     /   be weighed,
                    /   fax:    +46 8 551 124 89    /    not counted."
                   /    email:  benny -at- internetlabbet.se
