encrypted swap

David Maynor (david.maynor@oit.gatech.edu)
Tue, 07 Aug 2001 11:28:45 -0400


>
>This is not about paranoia, this is about stolen notebooks.
>
>(And you can't easily add hundreds of megabytes to such systems
>usually.)

Then you can use a hardware token so that the machine will not boot at all
with out it present or write an encrypted super block, but I can't really
see the advantage of encrypted swap. At the point it would become
effective, the attacker is already on the machine (from remote access or
the have physical access) and then its not if you can keep them from
getting the info, its only a matter of when.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/