On Thu, Oct 19, 2017 at 04:37:54PM -0400, Daniel Kahn Gillmor wrote:
> suspend-to-disk
> ---
> If the user suspends to disk, then the memory will be written to disk.
even if the user suspends to RAM, the key will stay in memory, which is
can be pretty bad (as it can be taken from
On Thu, Oct 19, 2017 at 04:37:54PM -0400, Daniel Kahn Gillmor wrote:
> It's a shame that encrypted swap by default hasn't happened yet for
> debian.
[...]
> actual hardware performance
> ---
>
> I suspect the cost is negligible on most hardware today, particularly
> when
It's a shame that encrypted swap by default hasn't happened yet for
debian.
As i see it, the three outstanding concerns are:
a) source of entropy at boot time
b) actual hardware performance
c) suspend-to-disk
boot time entropy
-
The linux kernel's getrandom() situation is
Hi Lars,
Lars Wirzenius l...@liw.fi (2015-08-16):
Package: partman-crypto
Severity: wishlist
Tags: d-i
Could we enable encryption of swap by default, even when full disk
encryption is not used? As far as I undrestand, there is no
performance issue for this for most hardware made in the
Package: partman-crypto
Severity: wishlist
Tags: d-i
Could we enable encryption of swap by default, even when full disk
encryption is not used? As far as I undrestand, there is no
performance issue for this for most hardware made in the past
half-decade. Swap encryption also doesn't require the
On Sun, Aug 16, 2015 at 03:55:24PM +0200, Lars Wirzenius wrote:
Could we enable encryption of swap by default, even when full disk
encryption is not used? As far as I undrestand, there is no
performance issue for this for most hardware made in the past
half-decade.
This is obviously wrong.
6 matches
Mail list logo