Date: Thu, 16 Jan 2014 21:18:37 +0100
From: Matthias Schniedermeyer
To: Milan Broz
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] nuke password to delete luks header

On 16.01.2014 20:33, Milan Broz wrote:
>
> But I cannot say that all possible situations come under this qualification.
> Maybe it can help someone in a dangerous situation to not leak some important data
> which later help others. Dunno.
>
> Still it doesn't mean it is worth to be implemented but let's think
> at least twice here please.

Meanwhile increasing the risk of everybody else, because once that feature is a documented part of the system everybody will assume that everybody will use it.

Good luck defending against a "Destruction of Evidence" accusation, in case that happens in a situation with a LEO.

Same as the hidden volume "feature" of TrueCrypt which everybody will assume you use, because it's such a swell feature. (Plausible deniability? Yeah sure)

In short:
The documented existence of such a feature is a risk by itself.

--
Matthias