From: Heinz Diehl
Date: Sat, 27 Oct 2012 12:48:03 +0200
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Memory Overwrite Request in cryptsetup
Message-ID: <20121027104803.GB1497@fancy-poultry.org>
In-Reply-To: <508B6637.5020200@gmail.com>
References: <508B6637.5020200@gmail.com>

On 27.10.2012, dave wrote:

> Any plans to comply with TCG Platform Reset Attack Mitigation?

Why should this be necessary? Unless you are a target for one of the big agencies (which 99.99% of us certainly aren't, and which would raise completely different problems than keys stored in memory for a few seconds), it doesn't make sense to me.

To carry out this kind of attack, you need physical access to the computer, and there's only a very small timeframe. How real is it that people are just around the corner waiting to attack your machine? If they would wait, they could actually do it now, while the machine is turned on.